[olug] To Sudo or Not to Sudo, That is the Question

Christopher Cashell topher-olug at zyp.org
Sat Nov 1 01:56:28 UTC 2008


On Wed, Oct 29, 2008 at 10:51 PM, T. J. Brumfield <enderandrew at gmail.com> wrote:
> I never use sudo.  As soon as a I open a terminal (yakuake) I type su
> - and go straight to then running all commands as root.  If I have to
> do something as a normal user, I open a new terminal tab.
>
> I find it extraneous to constantly use sudo.  That's just how I roll.
>
> What about everyone else?

I'm a big fan of sudo, and make heavy use of it pretty much
everywhere.  At my previous employer, we were working toward phasing
out all direct root logins in favor of sudo.  Personally, I think
that's a Very Good Thing (tm) in any production environment, as it
increases security and provides additional forensic/log information
 if needed.

At home, even though I';m the only one administrating the machines, I
still use sudo for pretty much everything.  Keeps things consistent,
and reinforces good habits.  Oh, and it also can save you from making
stupid mistakes, because it requires that little bit of extra thought
when you're making use of root access.  You're less likely to
accidentally typo and put a space in your 'rm -rf ./' command and end
up with 'rm -rf . /', because you know that when you start the command
with 'sudo' you need to pay a little extra attention.  You're more
aware of the access you're using.

Additionally, sudo allows you much finer grain control, often reducing
or removing the need to spread the root password to more people.  And
with the ability to store sudo information in LDAP, you can manage
your sudo configuration globally and make changes for lots of machines
trivially.

-- 
Christopher



More information about the OLUG mailing list