Security of using sudo rather than su?

Christofer C. Bell christofer.c.bell at
Thu Sep 14 21:58:05 UTC 2006

On 9/14/06, Felipe Alfaro Solana <felipe.alfaro at> wrote:
> >
> > Why is this view wrong?
> I don't know, but I agree with you:
> 1. First, I don't allow root login except locally on trusted consoles.
> 2. Second, I set a password for root.
> 3. Third, I configure sudo so that user's have to supply root password
> (not theirs).
> So, in order to get access, you need to guess:
> 1. One user name
> 2. That user's password
> 3. root's password.

No, either of two condtions to be true:

1. One user name
2. That user's password


1. root's password

This is because 'sudo -i' will work regardless of root having a
separate password or not.  You decrease security by adding another
avenue of attack.


"I'm from the government and I'm here to help you."

More information about the ubuntu-users mailing list