[3] Sudo was to allow non-root users to do root-like
things, but
*not* to run a @#$@ shell, or else, why not just give the users
root access? I mean---hello! Am I missing something?
With sudo, it's a lot easier to revoke one person's ability to do stuff
without needing to distribute a new password to everyone else, as
compared to traditional su.
Of course, that's not always of much value. On a personal machine, on
a machine on which only a tiny number of people should ahve privileged
access of any sort, that doesn't matter so much.
And, yes, some uses of sudo _are_ supposed to prevent shell access by
some people while still allowing them to do certain other things.
Presumably such people aren't going to be running full-fleged vi (or
various other programs) through sudo, of course, because of exactly
this possibility.
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse at
rodents-montreal.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B