[sudo-users] default root configuraiton in sudoers

Todd C. Miller Todd.Miller at courtesan.com
Wed Jul 29 09:37:30 MDT 2015

On Wed, 29 Jul 2015 15:36:11 -0000, Terry Inzauro wrote:

> I'm having a difficult time understanding why the following entry  
> exists in default installations in several popular Linux distributions:
> [root at foohost ~]# grep ^root /etc/sudoers
> root    ALL=(ALL)       ALL
> What are the use cases where this would be justified / desired?

Root can already run commands as any user via su(1) so there is
really no additional privilege being granted.  There are times when
a root shell is needed and by allowing root to use sudo it is
possible to have better logging of what is done in the root shell.

 - todd

More information about the sudo-users mailing list