I want to have to authenticate before I do something requiring root perms on dom0 and Defaults rootpw in /etc/sudoers isn’t affecting anything.
Please be patient with my basic question.
What’s the point of using sudo with a password in dom0 if all your work is done inside the qubes and you can access the qubes without root in dom0?
so my roommate can’t walk into my room and sudo rm -rf --no-preserve-root / me as a highschool prank.
1 Like
Well, he still can qvm-remove --all --force even without sudo which will be the same.
1 Like
Basically trust no room mates.
Trust no one.
1 Like
I’m learning so much. Thank you guys. Please be patient.
So superuser stuff is allowed without password auth in dom0 by design?
The qubes are considered user data in dom0.
2 Likes
Alright. I suppose I get it.
You still can lock your computer while you’re away to prevent this
3 Likes
In the end that’s the simplest solution.
If they can get into your session they will be able to damage you, even if it’s not a matter of wiping out the entire system.
2 Likes
thanks steve
well this would be above the pay grade of a “high school prankster” imo.
2 Likes
If it’s any consolation, a “high school prank” often turns into a “very expensive lawsuit” once you become an adult, and is considered the lowest of lows. Completely devoid of any honour and decency…
So I guess your roommate has a few things to think about, and very limited time to do so 