If you’ve been using Linux for any length of time, at some point in some tutorial or troubleshooting guide you’ve more than likely encountered Linux’s magic word: “sudo”. A casual observer probably can tell you that it’s used to access restricted functions on your computer, but there’s much more to it than that. My hope is that by taking a moment to dig into the history and inner workings of this command, you will be better equipped to utilize — and respect — the power of “sudo”. For starters, it helps to look at Linux’s ancestor, Unix.
You article is very flawed. Your article appears to be aimed at a multi-user business system. This comment assumes that situation.
su is NOT short for "substitute user". (Some sites do say "substitute user", incorrectly!) It is short for "superuser". It's primary use is NOT to execute commands as another user (Although it can be used that way by an Administrator, only!) but to elevate a Administrator's user privilege to root temporally to execute commands as root.
Also as a Linux System Administrator professional, I am never confused if I am a regular user '$' or root '#'. Most users of "su", never type, "exit", they execute a simple [Ctrl]-[d].
As a Linux professional, I do not allow "sudo" on my systems, at all! It has been removed completely! I do NOT want end users executing ANY root level commands.
"He could give Yolanda the root account password..." If Yolanda was NOT an Administrator, she would NEVER be given the root password. All my systems would be accessible by me securely through SSH, so I would do any maintenance remotely, or by a fully qualified secondary Administrator locally!
"..."sudo" acts as a kind of check that prevents the user from accidentally doing something destructive." If end users cannot "sudo", then they cannot, "do something destructive" in the first place! sudo does not eliminate all chances of harming the system!!!
"If she simply shares her password with Bob, then he can run "su" with Alice's username." Or Bob can simply log in as Alice, without the need for su! Plus doing this would be a clear violation of my computer policies!!!
If two users need access to the same data, I would simply set up a shared directory that they, and possibly others, could access, but no one else, except myself, of course, eliminating this use of sudo.
If a user owns a Linux computer at home and is under their full control, then that user can use sudo or any other command they wish, at their own risk, but not in a business system at any level! There are other options and/or policies available.
I strongly recommend you go back a study a good book on Linux/UNIX, and the CLI, (Command Line Interface), and do a "man su".
Loading ...
Sudo or Sudo Not, There Is No (4th) Try
Posted by: Jonathan Terrasi June 24, 2017 10:40 AMIf you’ve been using Linux for any length of time, at some point in some tutorial or troubleshooting guide you’ve more than likely encountered Linux’s magic word: “sudo”. A casual observer probably can tell you that it’s used to access restricted functions on your computer, but there’s much more to it than that. My hope is that by taking a moment to dig into the history and inner workings of this command, you will be better equipped to utilize — and respect — the power of “sudo”. For starters, it helps to look at Linux’s ancestor, Unix.
su is NOT short for "substitute user". (Some sites do say "substitute user", incorrectly!) It is short for "superuser". It's primary use is NOT to execute commands as another user (Although it can be used that way by an Administrator, only!) but to elevate a Administrator's user privilege to root temporally to execute commands as root.
Also as a Linux System Administrator professional, I am never confused if I am a regular user '$' or root '#'. Most users of "su", never type, "exit", they execute a simple [Ctrl]-[d].
As a Linux professional, I do not allow "sudo" on my systems, at all! It has been removed completely! I do NOT want end users executing ANY root level commands.
"He could give Yolanda the root account password..." If Yolanda was NOT an Administrator, she would NEVER be given the root password. All my systems would be accessible by me securely through SSH, so I would do any maintenance remotely, or by a fully qualified secondary Administrator locally!
"..."sudo" acts as a kind of check that prevents the user from accidentally doing something destructive." If end users cannot "sudo", then they cannot, "do something destructive" in the first place! sudo does not eliminate all chances of harming the system!!!
"If she simply shares her password with Bob, then he can run "su" with Alice's username." Or Bob can simply log in as Alice, without the need for su! Plus doing this would be a clear violation of my computer policies!!!
If two users need access to the same data, I would simply set up a shared directory that they, and possibly others, could access, but no one else, except myself, of course, eliminating this use of sudo.
If a user owns a Linux computer at home and is under their full control, then that user can use sudo or any other command they wish, at their own risk, but not in a business system at any level! There are other options and/or policies available.
I strongly recommend you go back a study a good book on Linux/UNIX, and the CLI, (Command Line Interface), and do a "man su".