9.2.4 Working more safely – sudo
My usage of sudo is mostly a protection from my own stupidity.
Personally, I consider using sudo a better alternative to always
using the system as root.
Install sudo and activate it by setting options in /etc/sudoers/usr/share/doc/sudo/OPTIONS.
The sample configuration provides "staff" group members access to any
commands run as root under sudo and also gives "src"
members access to selected commands run as root under sudo.
The advantage of sudo is that it only requires an ordinary user's
password to log in, and activity is monitored. This is a nice way to give some
authority to a junior administrator. For example:
$ sudo chown -R myself:mygrp .
Of course if you know the root password (as most home users do), any command
can be run under root from a user account:
$ su -c "shutdown -h now"
Password:
(I know I should tighten the admin account's sudo privileges. But
since this is my home server, I have not bothered yet.)
For a different program that allows ordinary users to run commands with root
privileges, see the super package.
