Security of using sudo rather than su?

[Bernard Peek]

> Hm. But you have to guess only one username and one password, while
> without sudo, you have to guess one username and two passwords.
>
> How is the security doubled when using sudo?

Without sudo you have to guess 0 usernames and 1 password.

That's true, and Ubuntu may theoretically be less secure than a Linux distro
that uses a root account. But that's only half the story.

This is a time to learn from Microsoft's mistakes. Most standalone Windows
installations, until recently, used one login with admin rights. There
wasn't anything stopping users from separating user and admin logins, but
they didn't. They preferred ease of use over security. The traditional Linux
approach valued security over usability. This was partly because most UNIX
installations had a sysadmin who was paid to do all of the sysadmin jobs.

For many Linux users there is no sysadmin, and sysadmin roles need to be
filled by people who have made the decision that they value ease of use over
security. This isn't an education issue, they already have all of the
information they need and have made an informed decision. Ubuntu deserve
applause for developing a compromise that effectively gets most of the
security of UNIX without imposing additional onerous tasks, which many users
would refuse to do. IMHO this is preferable to the Linspire approach, which
is to have users working while having superuser rights. Distros that are
going to be widely used by the average home user currently have to choose
between those two options. It would be better if someone could find a way to
get all of the security advantages of UNIX systems without compromising for
the sake of usability, but Ubuntu seems to be the best compromise currently
available.

So if you think that Ubuntu isn't secure enough, find a more appropriate
forum and start designing something better.