So you mean when I launch a terminal, su to root and update my Slackware -current with slackpkg, edit some configuration files or generate a new initrd there is a chance of malware or other attacks? How? Would you please explain that to me?

There are plenty of web pages on this topic. It is not new. Any search for sudo versus su or such would provide reasons for this as a best practice.

Sure you will get a lot of kooks that don't belive a root user could be hacked and that the only reason for sudo is to prevent fat fingering commands.

Your system will only be as secure as the level and amount of best practices you use.

Still you delivered no answer. This is not a su/sudo thing, you simply said that using su is insecure and not a good practice, but are lacking to give any evidence for that.

You are trying to get me to make you believe. I feel you would be better served looking at web pages or books that use the su versus sudo arguments. I doubt you'd believe them.

This isn't a new topic either. The subject has been warmed over for maybe 10 years or more.

Good for you! Except you shouldn't mistake the fact that you do for something to advertise or even a security best practice.


...back to the main topic if you please. Malware may not be the reason to prefer Sudo over su but as John VV already said, this being the most important reason for preferring Sudo over su, 0) su requires you to share the root password which you shouldn't want on a multi-user system. Also people tend to forget 1) root is the administrative account and not something regular users should access for tasks other than systems administration. (And the OP never posted back any reason other than ""give access on whole file system" so this might be another case of doing the right thing the wrong way.) Finally, using Sudo for specific tasks 2) limits risks (unless you're stupid enough to allow "Cmnd_Alias rm = /bin/rm *" or equivalent badness, that is).

Could you please post a link to a relevant site? As i have tried a number of different searches and have been unable to find any relating to increased vulnerability to malware/attacks by being logged in as root.