On Sat, May 13, 2023 at 10:35:31AM +0200, Michel Verdier wrote: > Le 12 mai 2023 tomas a écrit : > > >> > `sudo bash` anyone? > >> > >> also quicker done with > >> su - > > > > But not the same. > > Which differences do you see ?
For su, you have to enter the root password. For sudo, there are many options, depending on config. Typically you enter yours. Plus, you can configure which commands (and args) can be done by whom, based on user id, local or remote, etc. OTOH the sudo system is way more complex than simple su, so there's more place where bugs can hide (it has had actual issues, btw). Security is engineering: always looking for a good tradeoff. Not magic. (That's why I cringe when people around here scaremonger about "you NEED to have a password" and things. People should know what they are getting into, for sure, but at the same time they should take their own decisions). Cheers -- t
signature.asc
Description: PGP signature
