Nice article on why we should use sudo instead su. Actually it’s one of “must read” articles.
GNU/Linux distributions use the “su” model to elevate user priveledges. SU (or Substitute User) is a simple command which allows you to assume another identity on your pc. It’s most-often use is to become the root or administrative user. Both GNOME and KDE provide graphical tools which perform the same task, allowing you to install packages, change your resolution, and so on.
Sudo is a tool that supports allowing users to use their own credentials for privilege escalation. No two passwords. No root user. Furthermore, sudo already supports granularity. If Linux distributions used sudo instead of su by default, you wouldn’t have to give out the root password to anyone who needed to become an administrator on a unix box.
Here are some of the features and reasons to use sudo:
- Least privilege: Some users need to be able to change network configs, or shutdown the pc without root. Sudo allows specific users (or groups of users) to run specific commands, and not any others.
- Logging: Every single command used through sudo is logged. This enables you to see who did what which is great from a security point of view, and essential from a troubleshooting point of view. When used in tandem with syslog, you can log all restricted commands to a central “log host”.
- Timestamping: Sudo uses timestamp files to implement a “ticketing” system. When a user invokes sudo and enters their password, they are granted a ticket for 5 minutes. Each subsequent sudo command updates the ticket for another 5 minutes. This avoids the problem of leaving a root shell where others can physically get to your keyboard. There is also an easy way for a user to remove their ticket file, useful for placing in a .logout file.
- Shared Configuration: Sudo’s configuration file, the sudoers file, is setup in such a way that the same sudoers file may be used on many machines. This allows for central administration while keeping the flexibility to define a user’s privileges on a per-host basis.
- Root Shells: Sudo avoids the “I can do anything” interactive login by default – you will be prompted for a password before major changes can happen, which should make you think about the consequences of what you are doing. If you were logged in as root, you could just delete some of those “useless folders” and not realize you were in the wrong directory until it’s too late.
- Script Kiddies: Every cracker trying to brute-force their way into your box will know it has an account named root and will try that first. What they don’t know is what the usernames of your other users are.
- Box Ownership: Sudo allows easy transfer for admin rights, in a short term or long term period, by added and removing users from groups, while not compromising the root account.
Read more at xtermin.us…