[Leaplist] sudo vs su
Richard F. Ostrow Jr.
rich at warfaresdl.com
Mon Jun 1 11:01:59 EDT 2009
Ok, now that we're actually talking in the right topic, here's the
_correct_ answer.
su - input not logged, difficult to backtrace what was done in the event
of a catastrophic screwup (rm -rf /)
sudo - can easily track what was done. Everything put into sudo goes into
/var/log/{hostname}/messages of the remote logging system. An 'rm -rf /'
would be logged on the remote machine, and I would know *exactly* who was
stupid enough to do such a thing, and can make them clean up the mess.
I wonder which one is better from an SA standpoint?
--
Life without passion is death in disguise
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Leaplist
mailing list