Hacker News new | ask | show | jobs
by organman91 3664 days ago
There's one very good reason to use sudo instead of being in a root shell: audit trails. sudo logs its invocations. While you could always see who is becoming root, you'd have to look through root's shell history to see what's happening (which isn't hard to purge - one of the many reasons a remote syslog server may be called for).
1 comments
sliken 3664 days ago
Why not enable auditing?
link
brainfire 3664 days ago
Why enable auditing when you already get the information you want with your current setup?
link
sliken 3664 days ago
Because sudo only works when you sudo, it's just one more thing to type/mistype. Do you really want to pay your sysadmin to sometimes run sudo and sometimes have logging? Or would you rather automate it and get 100% logging?
link
brainfire 3663 days ago
Who's implementing it and why would it cost me less than paying a sysadmin to use sudo?
link
LoSboccacc 3664 days ago
Sudo su
link