I installed some software by running its install script with
sudo ./install.sh
After the installation all the accounts on my Ubuntu laptop can gain root access by simply issuing the command sudo -s, even the standard (non administrator) account. Also there is no password prompt when issuing the command sudo -s.
My /etc/sudoers looks like this:
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
ALL ALL=(ALL) NOPASSWD:ALL
If you look at the very bottom of your sudoers file, it says "ALL ALL=(ALL) NOPASSWD:ALL". This is the syntax for passwordless execution of sudo. Make a backup of the file and then delete that line.
Andrew
Remove this line:
But this is REALLY strange to appear, so the software (basically a script I guess) you installed is probably mallicious. You might want to start a second question, paste the contents of that script there, and ask for advice... this is scary!