On 12/12/05, Rony Bill ronbillypop@yahoo.co.uk wrote:
Situation A: The root never logs in. He uses a user account and for any admin work he does 'su - ', enters root password and carries out the tasks and exits su. He is otherwise a user.
If you forget to logout the su -, its dangerous, you have complete root access, any one mistake, like rm -rf /
root@ILUG# rm -rf / # sorry for deleting Mail Archives ;) is dangerous
Situation B: The root never logs in. He uses a user account that also
has root level access through the sudoers entry. This appears alarming as, for all the time he is logged in as user, he has the power of root which is as powerful as a root login.
sudo exits automatically, its just like using su -c "<command>" but in su, you've to enter ROOT PASSWORD, with sudo, you have to use of SUDOER's PASSWORD
you can define where (Host) and what (file and program access) you can access and should it be with or without authentication.
sudo rm -rf / # is dangerous
If you know what you are doing, both are safe!
Difference is human error
Desktop people normally forget to exit su - to avoid annoying permissions, and continue to use root user.
Conclusion : Both are equally safe/dangerous, but sudo is safer for desktop user, unless you program your shell to use sudo before every command
Revant