Comment by OvervCW

8 hours ago

Any program on your computer can just run "sudo" to escalate itself.

The problem is not the passwordless sudo but running untrusted programs on your computer under your user. They don’t need sudo to steal your SSH keys or inject malicious code in your .bashrc.
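As an added example, not part of the comment above: a small Python audit of what a process running as your user can already reach without sudo, namely private keys stored without a passphrase and shell startup files it can rewrite. The startup-file list and the function names are assumptions chosen for illustration.

```python
import base64
import os
from pathlib import Path

MAGIC = b"openssh-key-v1\0"  # header of the current OpenSSH private key format
STARTUP_FILES = (".bashrc", ".bash_profile", ".profile", ".zshrc")  # assumed list

def key_protection(text):
    """Return 'none', a cipher label, or None if text is not a private key."""
    lines = text.strip().splitlines()
    if not lines or "PRIVATE KEY-----" not in lines[0]:
        return None
    if "OPENSSH" not in lines[0]:
        # Legacy PEM / PKCS#8: encryption is flagged in the first two lines.
        return "encrypted" if any("ENCRYPTED" in l for l in lines[:2]) else "none"
    try:
        blob = base64.b64decode("".join(lines[1:-1]))
    except ValueError:
        return None
    if not blob.startswith(MAGIC):
        return None
    off = len(MAGIC)
    n = int.from_bytes(blob[off:off + 4], "big")  # length-prefixed cipher name
    return blob[off + 4:off + 4 + n].decode("ascii", "replace")

def audit_home(home):
    """List what any process running as this user can read or rewrite."""
    home = Path(home)
    report = {"unprotected_keys": [], "writable_startup": []}
    ssh_dir = home / ".ssh"
    for p in sorted(ssh_dir.iterdir()) if ssh_dir.is_dir() else []:
        if p.is_file() and os.access(p, os.R_OK):
            if key_protection(p.read_text(errors="replace")) == "none":
                report["unprotected_keys"].append(p.name)
    for name in STARTUP_FILES:
        p = home / name
        if p.is_file() and os.access(p, os.W_OK):
            report["writable_startup"].append(name)
    return report

if __name__ == "__main__":
    for kind, names in audit_home(Path.home()).items():
        print(kind, names)
```

A key reported under `unprotected_keys` is usable by anything that can read the file; a passphrase-protected key still has to be decrypted before use.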