Difference Between SU and SUDO

SU vs SUDO

In the Linux and UNIX environments, you need to use either SU or SUDO in order to gain momentary access to another account, usually the root, while logged on as another. SU stands for substitute user and SUDO means substitute DO; although most people incorrectly think that it stands for super user as it is the account that is often used. The most noticeable difference between the two would be the usage as SU is commonly used on its own or with the substitute username as a parameter. With SUDO, another command is often attached and executed automatically after the authentication succeeds. This is very useful when you only want to do a single command that requires root access; succeeding commands would also be given root access.

SUDO has become a favorite among admins due to the ability to define constraints on whether a user can use SUDO and what commands he can use with it. The constraints are placed in a conf file that can be edited. This provides a lot of flexibility, especially in systems with a lot of users. Another advantage of SUDO is the log that is kept for every command. The log makes it easier to track where mistakes have been made and to correct them. With SU, it is common practice to create a root account and share it to those who need it via SU. It is a major weakness as there is no limitation in place for each user. With SUDO, there is no need to share passwords as it can elevate the privileges of individual users and allow them to have access to the things that they need but not to those they don’t.

Because of these advantages, SUDO is preferred by many. SUDO is also used by many ordinary Linux users to do tasks that require super user access. This is probably what led to the misconception of SUDO as super user do. Despite all this, SU still has its own use, mostly when switching to other user accounts to gain access to their files.

Summary:
SUDO commonly includes another command while SU does not
SUDO has definable constraints while SU does not
SUDO keeps a log of all commands while SU does not
You need to share a password with SU but not with SUDO
SUDO elevates the privileges of the user while SU does not