Security of using sudo rather than su?
Felipe Alfaro Solana
felipe.alfaro at gmail.com
Thu Sep 14 18:13:09 UTC 2006
> > 3. Third, I configure sudo so that user's have to supply root password
> > (not theirs).
> Sorry, I just can't see any way that this "improves" security. If users are
> to be allowed to perform administrative tasks, it is a really, Really,
> REALLY, bad idea to make sudo use the root password. Then you have to
> _give_ them the root password. Then they can simply login as root, have
> access to all admin functions, instead of just the ones you want them to
> have, and never have to worry that you're logging their actions. This is
> not security.
For servers where there are multiple administrators, sure this is not
a good idea. However, I was talking about single-user machines, like
More information about the ubuntu-users