Quoting Eric F Crist <ecrist at secure-computing.net>: >> >> Yes, sudo logs all commands that are run through it. su doesn't. > > > This is slightly misguided. Even with sudo, you can sudo su <user> > and where the su to <user> will be logged, anything done while su'd is > not logged. Only commands invoked directly with sudo are logged. In > this case, logging is no better than it is with su. > Note that the proper approach here would be to simply disallow doing a sudo to su if you're on a multi-user system where such things matter. One of the nice things about sudo is that you can specify with a fair degree of granularity what users are allowed to issue what commands as the superuser. Josh