I've heard often that it is better to su to root rather than log in directly as the root user (and of course people also say that it's even better to use sudo). I've never really understood why one is better than the other(s), insight?
linux – Why Use su to Root Instead of Logging in as Root?
linuxloginrootsudo
Related Topic
- Disable Root Login in Ubuntu – How to Secure Ubuntu Login
- Linux – High Server Crash Rates During Leap Second Day
- Security – How to implement ansible with per-host passwords, securely
- Postgres – Difference Between ‘sudo su – postgres’ and ‘sudo -u postgres’
- Linux: productive sysadmins without root (securing intellectual property)
- Linux – Root Login or Sudo User for Server Administration
Best Answer
The inference is to only
su
orsudo
when required.Most everyday tasks don't require a root shell. So it is good practice to use an unprivileged shell as your default behaviour and then only elevate to root when you need to perform special tasks.
By doing so you are reducing scope for dangerous mistakes (bad scripting, misplaced wildcards, etc) and vulnerabilities from any applications that you use. Especially those which connect to the Internet - see the old adage "Don't IRC as root".
sudo
is often recommended because it allows you fine grain and audit the use of such privileges.By observing these practices you are also in a position to disable remote root logins. This increases the bar of entry for any would-be attacker, as they would need to compromise both a regular user account that was a member of the "wheel" group and ideally only authorised by SSH public keys, then the root account itself.