On Wed, 2009-07-01 at 01:20 -0700, Michael A. Peters wrote: > I still don't understand how using sudo instead of su makes it more secure. As implemented by Ubuntu and others, sudo does nothing to make things more secure. In fact, as you pointed out, it can be less secure. However, sudo has the capability to grant fine grained access. For example, one could configure sudo so that operators are able to launch backups as root but not start a shell or edit the web server config files. This capability is what earned sudo its reputation for being more secure. Sadly too many people chant "sudo is more secure" without understanding the conditions necessary to make that statement true. John R. Dennison has already pointed out that it is trivial to configure su on CentOS to require wheel.