[Leaplist] sudo vs su
David Simmons
dave at dgnal.net
Mon Jun 1 11:25:28 EDT 2009
seems like it all depends on if you're looking to just run a single command
as root (sudo) or do many and interact as root (su -)?
-dave
On Mon, Jun 1, 2009 at 10:01 AM, Richard F. Ostrow Jr.
<rich at warfaresdl.com>wrote:
> Ok, now that we're actually talking in the right topic, here's the
> _correct_ answer.
>
> su - input not logged, difficult to backtrace what was done in the event
> of a catastrophic screwup (rm -rf /)
>
> sudo - can easily track what was done. Everything put into sudo goes into
> /var/log/{hostname}/messages of the remote logging system. An 'rm -rf /'
> would be logged on the remote machine, and I would know *exactly* who was
> stupid enough to do such a thing, and can make them clean up the mess.
>
> I wonder which one is better from an SA standpoint?
>
>
> --
> Life without passion is death in disguise
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> _______________________________________________
> Leaplist mailing list
> Leaplist at leap-cf.org
> http://lists.leap-cf.org/mailman/listinfo/leaplist
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.leap-cf.org/pipermail/leaplist/attachments/20090601/d4d4cc69/attachment.html
More information about the Leaplist
mailing list