Ramblings of a Professional Computer Geek

March 19, 2010

sudo? Please don’t.

Filed under: Linux — Padma @ 8:13 pm
Tags: , , , ,

I made a comment in a post the other day to the effect that I found the current use of “sudo” in personal computers to be an abomination.  I’m going to explain what I meant by that.

First, let me point out to everyone who doesn’t know me that I’m not some wet-behind-the-ears Linux novice.  (If I were, I’d probably like sudo. ;))  I’ve been administering *nix systems for over 20 years, since before a young Finn named Torvalds even wrote the first line of code that was to become Linux.  I know su, and I know sudo.  They both have their purposes.

Sudo is very good at what it is designed for.  It is intended to give limited root ability to specific users for specific tasks.  On large multi-user systems, this allows a few select individuals to do certain important tasks without giving them the “keys to the kingdom”, i.e., the root password.  It is supposed to allow certain select individuals the ability to run certain specific commands as another user, usually root.

Su, on the other hand, is also very good at what it is designed for.  It is intended to allow any user who knows the password of another user, to become that user.  Whoa!  That’s powerful!  Why would anyone want to allow that?  The obvious answer, of course, is to switch user to root, and perform system admin functions.  And if only sysadmins have the root password, only sysadmins can use su to become root.

I can hear the objections now: “That’s why you use sudo, so nobody can become root and damage your system.”  To answer that, just open a terminal and type “sudo su -“.  You are now the root user, without even having to know the root password!

As if that weren’t enough, the most common implementation of sudo in Linux is to give the first-defined user all sudo-privileges.  In other words, the first user has access to all parts of the system, knowing only their own password.  Just like in Windows, where the first user is automatically the Administrator, and can access the entire system by knowing only their password.  Using sudo-based distros reminds me of Windows Vista, with its annoying UAC popups.  I don’t need to know anything more than it took to log onto the machine.

With su, at least you need to know two passwords to get access to the system.  And only those who need to access the system can do so.  Sure, if it’s really a single-user PC, it seems like it could be extra hassle, but really, how often do you really need to access system-level things?  And by having a separate, strong root password, I don’t worry about others getting in, even if they discover my user password.



  1. I’d have to agree. I always find having to re-enter a password at various points annoying, but on a personal computer it’s just silly. I’ve already proven who I am, so why force me to do it again? I do realize the reason behind it from a UNIX perspective but it’s an unnecessary obstacle on a typical home desktop system.

    BTW, do you know of anyone in your part of the country who may be looking for an entry-level software engineer? I’m starting the job hunt and trying to avoid California and the Northeast, which is kind of limiting my options.

    Comment by WildWeazel — March 20, 2010 @ 11:07 am | Reply

    • Well, using su you have to enter passwords as well, but it feels more deliberate, to me. If you’re working command line, you can simply issue “su” and the root password, do *all* the work you need to do, and exit, in one session.

      When working in a graphical desktop, the assorted tools that require root access generally provide a popup for the password, but it’s the root password, not your own, which make me, at least, know I’m doing something “special”. 😉

      Lots of places around here are hiring, but it’s true entry-level stuff – nothing like the fun you’ve had up till now. 😉

      Comment by Padma — March 20, 2010 @ 11:50 am | Reply

      • That’s the problem, most companies want experienced software engineers or entry-level code monkeys, of which I am neither.

        Comment by WildWeazel — March 22, 2010 @ 6:45 pm

  2. I prefer working with su for very similar reasons. In fact, on my current computer, I have split myself over a number of different accounts, including one dedicated to dealing with WordPress, one for normal surfing, one for “risky” surfing, one for movies/music, etc. (With very restrictive file settings and other right reductions to a need-to-know/do basis.) This way, if one account is compromised the others stand a reasonable chance of escaping.

    With the blending of roles and the mentality implied by sudo, however, even a simple browser-bug can be a threat to the entire computer.

    (In all fairness, a correct use of sudo implies restricting the programs each user can call with it; in particular, not allowing sudo su.)

    Comment by michaeleriksson — March 21, 2010 @ 1:03 pm | Reply

    • Correct use of sudo implies restricting the programs each user can call with it. That’s kind of my point. Most distros implement sudo incorrectly. 😉

      Comment by Padma — March 21, 2010 @ 3:23 pm | Reply

  3. “really, how often do you really need to access system-level things?”

    A lot actually, mostly aptitude. Then again, that’s what sudo IS designed for.

    Comment by Bratmon — March 26, 2010 @ 5:31 pm | Reply

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: