> >3. Third, I configure sudo so that user's have to supply root password > (not theirs). > > How do I do this? Add the "rootpw" option to the Defaults section in /etc/sudoers. For example mine looks like this: Defaults !lecture,tty_tickets,!fqdn,rootpw As Derek pointed, you should only do this on single-user machines.