Advantages of 'sudo' Over 'su'?
Jim Cheetham
jim at inode.co.nz
Fri Oct 1 21:30:56 UTC 2004
On Oct 2, 2004, at 5:00 AM, Andrew Zbikowski wrote:
> Sudo adds a log entry of the command(s) run (In /var/log/auth.log). If
> you mess up, you can always go back and see what commands were run.
>
> I used to support a couple Linux servers on a consulting type basis.
> The on site folks had sudo access. I always told them if you need to
> do something as root, use sudo so there is a log of what you did just
> incase something goes wrong and you need me to fix it. And if I see
> that the command you ran was sudo su -, I'm going to charge double.
This would work well, as long as enough setup were done first. One
example to make people think is where a sudo'd command needs to be
executed in a specific directory (e.g. RCS operations) where the
current user has no permission to be.
The cheat's method is to sudo a shell, cd to the location and run the
command ...
A better method would be to change the permissions of the directory to
allow the user (possibly in a separate group) to cd to it.
> A password is like your underwear; Change it
> frequently, don't share it with others, and
> don't ask to borrow someone else's.
>
Now, I *like* that :-)
-jim
More information about the ubuntu-users
mailing list