[sudo-users] default root configuraiton in sudoers
Todd C. Miller
Todd.Miller at courtesan.com
Wed Jul 29 09:37:30 MDT 2015
On Wed, 29 Jul 2015 15:36:11 -0000, Terry Inzauro wrote:
> I'm having a difficult time understanding why the following entry
> exists in default installations in several popular Linux distributions:
>
> [root at foohost ~]# grep ^root /etc/sudoers
> root ALL=(ALL) ALL
>
> What are the use cases where this would be justified / desired?
Root can already run commands as any user via su(1) so there is
really no additional privilege being granted. There are times when
a root shell is needed and by allowing root to use sudo it is
possible to have better logging of what is done in the root shell.
- todd
More information about the sudo-users
mailing list