"The change affects only new installations - existing setups are untouched. Using the sudo prefix to run a command with administrator privileges will now prompt for a password; enter it wrong, and the command is refused."
"Passwordless sudo by default was a clear vulnerability, even if Raspberry Pi acknowledged that beefing up security is 'a tricky balance.'"
"Reaction from users has been mixed: One called it a 'lame change' and said 'it ruined my day,' while others accepted the need to improve the default security posture."
"For a device with free-wheeling hobbyist roots, requiring a password feels like a small but meaningful step toward the mainstream, which is understandable, even if not universally welcome."
The latest Raspberry Pi OS version mandates a password for sudo commands in new installations, enhancing security by preventing unauthorized access. Existing setups remain unchanged. Users can revert to passwordless sudo if desired. While this change may disrupt certain scripts and inconvenience some users, it addresses a significant security vulnerability. The system allows multiple sudo commands without re-entering the password for five minutes. Reactions vary, with some users expressing frustration, while others recognize the necessity of improved security measures.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]