0

I am running a new installation of raspbian.

Whenever I type a sudo command I do not require a password. sudo passwd let's me change the password without prompting me for anything either. I am logged in as pi but changed the user password.

After the install I did nothing else than installing gedit and doing some python scripting.

I feel this is a security flaw if I do not need a password for any of that.

idkfa
  • 123
  • 6
  • It's a feature or lets say for Raspbian that is by design. – Ghanima Apr 07 '16 at 11:23
  • As is anyone that can log on the pi can be become root. What is the advantage of that feature? – idkfa Apr 07 '16 at 11:41
  • I'd go with convenience over security, given the targeted audience of the Pi and the use cases. If you want security you'll have to harden it for yourself (see the linked Q&A which addresses that point). – Ghanima Apr 07 '16 at 11:57

0 Answers0