su vs. sudo
I am curious.
|
Can't answer the poll because it isn't an either/or problem. For one-line commands I use frequently, I tend to use sudo, for longer sessions as root, I'll use su.
|
I say sudo is overrated, I don't even install it.
|
Quote:
|
The only place that I use sudo is in my laptop so that I can do suspend to disk without having to su to root.
For all the rest, if I want to play God, then su and typing a password is a small price to pay. I like the discipline of thinking about whether I really need root privileges to perform a task. |
Neither one!.
If I need root access to a folder, I will open it using file-manager in super-user mode; If I need root privileges at a command line, I will open the terminal program in super-user mode. |
I don't use sudo. I might see a 'slight' advantage to not having to type in your root password to do certain administrative tasks, but in the long run to me that can be a security risk if somebody else is using your computer and decides to mess around with commands. Especially if the user is unexperienced, and stumbles upon sudo, you may as well just gives them your root account. I prefer su. To me it is a lot safer anyways. Plus I am also too lazy to even bother setting up sudo.
|
Quote:
|
Quote:
Plus, my root password is a lot harder to guess, ;) |
I use su.
|
Su's the girl for me. :)
|
I use su, unless I have to open a gui from console, then I have to use sudo.
|
'su -c' if i only need one command and 'su -' if i need to work as root.
|
Quote:
|
yeah I do what Hangdog suggests, I use sudo, but exact commands which shouldnt do any harm if someone other than myself got on to the system.
Burning discs (cdrecord requires root permission), mounting discs, running security tools like kismet and rkhunter. I will su for occassional commands though. |
Quote:
|
100% agree with Hangdog42, sudo is there to give limited root privs to users that need them to perform a certain task.
|
Quote:
Alt+F2 (or terminal) and type kdesu xfe/konqueror/whatever. |
are there dangers with sudo and requiring the user to enter the root password? Obviously this would be intended for basically a single user type environment.
|
Quote:
|
One can setuid root those apps.
OTOH, one can limit the number of users gaining root privileges via sudoers file. |
Quote:
Quote:
|
I only use sudo for suspend/hibernate commands on my laptop and for calling pendrive automounting scripts I have hooked onto udev (vl-hot from VectorLinux).
Everything else is with "su". Quote:
I shudder at the sight of commands like "sudo su". |
The only time I ever used sudo was in a 3 part script that detected my scsi scanner (as root) and then opened xsane as a user. Then along came udev and hal and it all became obsolete.
samac |
Quote:
|
Quote:
I think the original purpose of sudo is to be something in-between regular user and super-user, to give users certain super-user privileges in a controlled manner ... I suppose to somehow stop them from f'n up their system. Well, they're gonna figure out a way to do it in spite of sudo :) |
probably good idea to use sudo when you are running Redhat but for slackware user it is optional imho :)
But of course it also depends on your environment, house/work/etc. |
Quote:
But my parents' computer has Centos 5 on it and all the authentication dialog boxes that pop-up for administrative tasks demand the root password, not the user password. So I'm guessing that RH is still sticking with "su". Quote:
|
Quote:
|
Different tools for different uses
Quote:
sudo != su - they are two different methods of arriving at similar outcomes, but they have different rules and applicability that should be understood for intelligent use. |
I use su
I have sudo installed, but I never bothered to configure it. Quote:
|
I very rarely use sudo, particularly in some scripts launched from a normal user console.
David |
I like ktsuss as a lightweight replacement for kdesu. :)
|
I rarely use su. My sudo was compiled to allow non-password use by myself as a member of group root. If I need to make large changes I will sudo to init 3, log in as root, and proceed to do the work needed from the ASCII console. Otherwise it's sudo to burn, sudo to read restricted files, etc.; any time I am restricted as a user from doing what I then wish to do in a "normal" functional manner.
Any time temporary root privileges are sufficient to do what I want, the rational restrictions of sudo are my safe way to use root. I figure if you need the graphic terminal to do what you want done, sudo is the preferred application to gain root; su is overkill, and VERY dangerous in a graphics environment. It's so easy to get it wrong. |
Quote:
|
Quote:
Here's the way to do it: http://www.ducea.com/2006/06/18/linu...sswd-nopasswd/ |
With sudo you can specify every & each command allowed per user and / or per group, requiring or not the users password to confirm.
I am not a big fan of sudo, as it might create security holes and I *HATE* configurations where ALL users can execute ALL commands on ALL hosts just by using sudo. If you set up your system like this you might as well let everybody log in as root. In some situations, you will need sudo. Sometimes you need to allow users to execute some commands in a shell script and without typing passwords. In this case, I think it's best to specify the full command with parameters in sudoers (like "killall xxxx", not just "killall") so that permissions are as limited as possible. I also prefer to allow groups to execute commands, not users, but this goes for most system administration tasks. For instance, if you need users of department "xyz" to execute a "killall abc" command, put them in a group like "dept_xyz" and give permission to this group to execute "killall abc" - not to ALL users and not the "killall" command in general. Used with caution sudo can be an ally, without, it can become your grave. |
Quote:
|
Quote:
Same goes for SELinux. If you don't configure it properly you can seriously mess up your system. Moral: If you're looking to make your system more secure, make sure you configure the tools you are using properly or you may be doing the opposite. |
For some tasks I use su and for some I use sudo.
When I want to start root’s session in terminal or xterm I use “su -”. When I want to run as root some graphical application I use “su”. It’s possible because I set in my .xinitrc the command “xhost `hostname`”: $ cat ~/.xinitrc Code:
xhost `hostname` # cat /etc/sudoers Code:
Defaults timestamp_timeout = 0 To make usage of sudo painless I put in my .bashrc a bunch of aliases: $ cat ~/.bashrc Code:
export PS1="\u@\h:\w\$ " |
All times are GMT -5. The time now is 11:28 AM. |