Security of using sudo rather than su?

Felipe Alfaro Solana felipe.alfaro at
Thu Sep 14 18:13:09 UTC 2006

> > 3. Third, I configure sudo so that user's have to supply root password
> > (not theirs).
> >
> Sorry, I just can't see any way that this "improves" security.  If users are
> to be allowed to perform administrative tasks, it is a really, Really,
> REALLY, bad idea to make sudo use the root password.  Then you have to
> _give_ them the root password.  Then they can simply login as root, have
> access to all admin functions, instead of just the ones you want them to
> have, and never have to worry that you're logging their actions.  This is
> not security.

For servers where there are multiple administrators, sure this is not
a good idea. However, I was talking about single-user machines, like
desktop machines.

More information about the ubuntu-users mailing list