[please follow up to -project or -admin or just me, depending on what
seems more appropriate.]

Hi,

if you use sudo on project machines this will affect you.

The short version:

If you want to use sudo in the future, go to http://db.debian.org/ and set a
sudo password for you.

A slightly longer version:

We are trying to limit the exposure of login and ldap passwords on project
machines. Currently everybody who is using sudo on a project machine has
to use their login and ldap password, which in case of a compromise can be
used to access other machines and change the user's settings in ldap.

Since sudo uses the pam library to authenticate users, we can make use of a
dedicated passwords file using libpam-pwdfile for authentication to sudo.