[mythtv-users] OT: SATA errors
Matt Mossholder
matt at mossholder.com
Thu Jul 9 14:54:20 UTC 2009
On Thu, Jul 9, 2009 at 10:25 AM, Glenn Harris
<gharris+list+mythtv at eklo.com> wrote:
> Not to sidetrack the thread but:
>
> I've always gone the 'su -' route, but your comment got me curious and
> I did some searching. I couldn't find anything that differentiated
> them. They both allow sudo to log all commands, and create a new root
> login environment (likewise, 'sudo su' and 'sudo -s' do not create a
> new login environment).
> If you have a link/reference/anecdote for one or the other I would
> appreciate it.
>
<snip>
> --Glenn
There are a couple of reasons.
First of all, 'sudo su -' is rather redundant... you are telling sudo
to elevate your privileges, and then telling su to elevate your
privileges and give you a shell. Since you are already running su "as
root", it just creates the shell, but it still means you spawn an
extra process.
Secondly, using "sudo -i" adds some extra environment variables, such
as SUDO_USER, which can be useful for logging within other scripts you
may provide to admin users via sudo. It also can take care of setting
your X related environment variables, to ensure that X programs work
as expected.
Finally, you're doubling your exposure to badness. If someone mucks
with either su or sudo you are screwed, whereas with "sudo -i" they
have explicitly subvert sudo.
--Matt
More information about the mythtv-users
mailing list