SUDO -SU ......

Posted on 2006-05-11
Last Modified: 2010-04-21
How do I know when I'm should use "sudo -su...." instead of just "su -..."?
Question by:paynestreet
    LVL 45

    Accepted Solution

    Hi paynestreet,

    sudo -su      is designed to allow a user to su to a user (such as root) to whom he normally doesn't have access.  It also allows the user to su to privileged accounts (like root) without a password.

    su -             is designed to allow any user to su to any other user.  If the originating user is privileged a password is not required.

    Good Luck!
    LVL 14

    Assisted Solution

    Also, sudo logs the accesses, and can be set up to allow a user to have access to only certain commands.

    su gives total access (if you have the password).  

    For example if you have a users that only needs to run a single command as root, you can set that person up in the sudoers file and they can run the command without knowing the root password of the box.

    If you allow the to just us su to access root, then they need the root password, which means they basically have the master key to your entire system, and if you have the same password on other boxes, they can access those boxes too...
    LVL 6

    Expert Comment

    user visudo -s  instead of editing the /etc/sudoers file.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. Please see for the updated article. It is avail…
    I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (…
    Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
    In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now