Agreed. I suspect the real reason it's there in the first place is to prevent the case of someone leaving their computer session open to go get coffee or something and a bad actor coming in and doing some administrative stuff when you aren't looking... Of course you have to be logged in before you can even type sudo on the CLI. It's not the problem, it's neutralizing it.
Without asking for a password, what is it for?
A bad guy knows how to type "sudo", but he doesn't know how to type the password.
If someone can bypass the user password I would also expect them to be able to bypass a sudo password...
If you are working in the office, totally relevant; if you are in your own home or an environment where you aren't surrounded by scoundrels, you are probably OK.
(Edit: of course, as someone else noted above, the Pi by default logs you into the desktop without asking for credentials, but that doesn't negate my argument above; it all depends on what kind of environment you are running in. I suspect the Pi defaults will keep out people trying to reach out and touch you through the internet (but not much else by default, and depending on what services you enable even that can get compromised if you're not careful (or running behind a NAT layer))).
Statistics: Posted by pfharlock — Wed Feb 26, 2025 11:13 am