Roles without password
Hello,
I know that I can have a role without a password.
And I have to comment in the PASSREQ=YES on /etc/default/login.
Is that a real security risk?
I ask because in /etc/user_attr I can control who can assume the role.
In addition, assuming an standard "factory defaults" system installation, will the above change expose other accounts or system surface?
The interest on this is that an administrative group, such as DBAs, wouldn't have to share role password.
Also, it would be more attractive than sudo where one generally (although not always I know) have to repeat its own password.
I know that I can have a role without a password.
And I have to comment in the PASSREQ=YES on /etc/default/login.
Is that a real security risk?
I ask because in /etc/user_attr I can control who can assume the role.
In addition, assuming an standard "factory defaults" system installation, will the above change expose other accounts or system surface?
The interest on this is that an administrative group, such as DBAs, wouldn't have to share role password.
Also, it would be more attractive than sudo where one generally (although not always I know) have to repeat its own password.
0