So I am in the process of trying to make my N900 more secure. I have performed a few steps already but im getting stuck due to being able to run sudo gainroot or even sudo "command" from the local xterm or ssh and get root without a password. So essentially someone could pickup my phone type root and have root access I consider that a security risk.

I have SSH installed and have set a root password, disabled root access to ssh and created a password for user so I can log into ssh without coming in as root.

1. I don't want to be able to issue the sudo command without a password. I need it password protected. Just like standard ubuntu

2. Honestly I don't even want rootsh period but I hear it's required for certain things to work properly, I tried removing it but it says "can't uninstall" I guess its dependent for another app

Bottom line is I want it to mimic a normal debian install, issue sudo "command" and if the user is in the sudoers file be prompted for the password for that user and run as root. Do I really need rootsh would like to ditch it and just issue sudo su root to gain root access.

Is it as easy as editing the sudoers file to accommodate the requests? If so i want to make sure I do it correctly because I would rathert not brick my device.

Here is my sudoers file if i can just edit that to overcome my requests just show me how...
Thanks for your time, I love this site, N900's and similar RULE! Why would anyone want any other computer




PS - anyone know a command to pull the GPS coordinates from the term?


Attachment: /etc/sudoers