su or sudo su?

James McKenzie jjmckenzie51 at earthlink.net
Tue Oct 19 03:48:59 UTC 2010 

  On 10/18/10 2:13 PM, Tim wrote:
> On Mon, 2010-10-18 at 09:40 -0700, James Mckenzie wrote:
>> Also root's home directory should NEVER be / (root) but rather
>> something like /home/root.
> Wrong.  Bad advice.  The following somewhat mitigates that, but you've
> muddied the water with bad advice in the first place.
>
As I said "something like".  Most modern UNIXes and Linuxes use /root, 
which is fine if you don't go crazy creating partitions for EVERYTHING.
>> I've known of several folks who 'forgot' they were root or had either
>> sudo'd or su -'d and then issued the famous (or infamous) rm -rf *
>> wiping out the system or at least destroying critical files.
> It's fine for root to have /root as the home space.  So the "never" word
> is bad.  It's the default location.  And your advice may to scare the
> completely clueless into wrecking their system.
>
What I was saying here is that root should NEVER have the base root 
directory (/) as its directory.  Fortunately, smart people a long time 
ago took care of this for us.  However, dumb people think that root 
should 'own' the base root directory and set it back.  This can and has 
lead to disaster.
> It's a bad idea to put it in /home, because /home could be on an
> unmounted partition, and root may need access to its home space to fix a
> problem.  So if you're going to suggest shift it, don't suggest putting
> it /home.  Certainly not without complete explanation.
Never thought about that.  You are correct, root's home directory should 
be mounted when the system is brought up, even in maintenance mode 
(which happens more often than you think.)
> Moving roots home further into the tree may help against some rm
> accidents, but it's by no means a foolproof solution.  Bad wildcarding
> choices will get them into the parent directory.  And prefixing the path
> with the slash will destroy "/" contents no matter where they started
> out working from.
>
You cannot eliminate stupid, we are surrounded by it.  However, if a new 
SA decides to wipe root's home directory and types in cd; rm -rf *  then 
the user will have problems, but the system will remain, mostly, intact.

However, this has little to do with the use of sudo vice su -.  The 
reason for using sudo is to mask or obscure root's password from people 
who should have no knowledge of it.  It also allows for the running of 
some but not all programs.  If you give su - and the appropriate 
password, the world is your oyster.  You had better trust the person who 
is using it.

James McKenzie

More information about the users mailing list