Security of using sudo rather than su?

Felipe Alfaro Solana felipe.alfaro at
Fri Sep 15 04:39:59 UTC 2006

> No, either of two condtions to be true:
> 1. One user name
> 2. That user's password
> OR
> 1. root's password
> This is because 'sudo -i' will work regardless of root having a
> separate password or not.  You decrease security by adding another
> avenue of attack.

I don't understand what you're saying. To run sudo, one needs to be
logged as a normal user, so one needs first to guess a valid
username/password combination.

More information about the ubuntu-users mailing list