Sudo password for user

The auto login feature when Whonix-Host boots up may be a good feature. But please consider reverting back to the default changeme password, or provide an option to set a password when the Calamares installer is running when installing to a hard drive or USB. I installed VeraCrypt, and when I ran it, it broke the mounting/unmounting capability from the GUI because by default the user account doesn’t have a password, which complicates things for newbies. To unmount we have to use the terminal. Can the login screen be displayed when the screen locks itself due to inactivity? Also giving passwordless sudo access to applications is more dangerous regardless of whether malware can access the password through an exploit. Passwordless access can provide simple malware the capability to gain root access and affect the system without finding an exploit.

Godzilla via Kicksecure Forums:

The auto login feature when Whonix-Host boots up may be a good feature.

Off-topic.

This is not a Whonix support forum.

I installed VeraCrypt, and when I ran it, it broke the mounting/unmounting capability from the GUI because by default the user account doesn’t have a password, which complicates things for newbies.

This is a bug that you would need to report to VeraCrypt.

Can the login screen be displayed when the screen locks itself due to inactivity?

You can use a Screen Lock.

Also giving passwordless sudo access to applications is more dangerous regardless of whether malware can access the password through an exploit. Passwordless access can provide simple malware the capability to gain root access and affect the system without finding an exploit.

An exploit is not even required.

These are general issues. These issues are unspecific to Kicksecure. Most if not all Freedom Software Linux desktop distributions are affected by one or multiple of these issues. This is elaborated here:

Or another way to look at this: There are already multiple decades old
exploits available and it’s trivial to use these.

All of this is elaborated on this wiki page:

The main thing is to fix the user’s password in live mode, please (sorry, I wrote about this before, but this is the only serious problem with live mode). But I like his idea of creating a password when installing on the host. The lack of a password is unusual, and it can be scary for someone.

This is an experimental OS still in development. This OS is not meant for end users who want security. Thus it would not be an issue even if malware gains root access due to passwordless sudo. For instance through JavaScript.

This is an experimental

This label has been removed.

@sam The password was removed for simplicity reasons. If you want more security you can try Tails OS; its user account is protected with a password.

I don’t think the presence of passwordless sudo is the topic of this thread. The question was about a bug wherein sudo access required a password when not in live mode, but did not require it when in live mode.

Yes, it is not the topic of the thread, but I was addressing the concerns of some comments by users in this thread who think that superuser needs to be protected by a password.

Rationale for Protecting the Root Account

No. The actual reasons can be found here:
Rationale for Change from Default Password changeme to Empty Default Password

Tails is for anonymity. Kicksecure is a “normal” operating system. Elaborated here: Privacy Goals and Non-Goals of Kicksecure

The user can just set a password. There’s no need to switch the operating system if that is the only “issue”.

For those who deeply care about this topic, I recommend studying:

And related wiki pages.

This bug has been fixed in the new update. Everything works perfectly.
