sudo is as secure, or insecure, as its popular alternatives like su . The most popular alternative to sudo is to allow some or all users to elevate their privileges with su . Most commonly, all users are permitted to do so, so long as they know the target user’s password.
Why is sudo insecure?
It’s the default caching, and your hypothetical being called while sudo access is cached, that triggers your thought, but sudo is NOT actually insecure when configured with a short timeout, or with instant timeout, and that’s done at the system administrator’s decisions on those systems whether to change the default.
Is sudo unsafe?
Even when the command in question is correct and isn’t intended to damage the operating system, it can cause damage to the user’s account just because it is run as root, making sudo especially dangerous.
Is sudo safer than su?
The main difference between the two is that su requires the password of the target account, while sudo requires the password of the current user. Therefore, it is much safer to use sudo since it doesn’t include exchanging sensitive information.
Is sudo safer than root?
The consensus among many Unix and Linux users seems to be that sudo is more secure than using the root account, because it requires you type your password to perform potentially harmful actions. While sudo is useful for what it was designed for, this thinking is flawed, and usually comes from inexperience.