https://www.ubuntulinux.org/wiki/RootSudo
Isn't sudo less secure than su?
The basic security model is the same, and therefore these two systems share their primary weaknesses. Any user who uses su or sudo must be considered to be a privileged user. If that user's account is compromised by an attacker, the attacker can also gain root privileges the next time the user does so. The user account is the weak link in this chain, and so must be protected with the same care as root. On a more esoteric level, sudo provides some features which encourage different work habits, which can positively impact the security of the system. sudo is commonly used to execute only a single command, while su is generally used to open a shell and execute multiple commands. The sudo approach reduces the likelihood of a root shell being left open indefinitely, and encourages the user to minimize their use of root privileges.
While there are various advantages and disadvantages to this approach, compared with the traditional superuser model, neither is clearly superior overall.
By encouraging the execution of single commands with root privileges, rather than opening a shell, sudo:
-Reduces the amount of time spent with root privileges, and thus the risk of inadvertently executing a command as root
-Provides a more useful audit trail
Having a separate root password provides an extra layer of protection if an administrative user's password is compromised
In either case, if the administrative user (who uses sudo or su to become root) is compromised, the attacker can generally gain root through an indirect attack
