I've heard arguments that the sudo (super user do)
command is more secure than the su (switch user) command.
However, the moment sudo is used to grant full
administrator (i.e. user ID 0, or root user) privileges, while
prompting for a user password (or worse, no password, such as through
pam_wheel), it is less secure. When the user
account is compromised, potentially so is root's: a user account is
not guarded as carefully as root's is. The benefit of logging is
irrelevant with sudo -i: auditing should be used to monitor
root's activity.
macOS and Ubuntu default to the sudo command for
administration, (instead of the su command). However, the
benefit of sudo is providing a subset of root/administrative
privileges to a user. Disabling the root account entirely does have some
benefit in the macOS and Ubuntu implementation, but it is trading one
security vulnerability for another.
Default Red Hat and SUSE behaviour is sane. By default, SUSE prompts
for the root password when running sudo. Red Hat doesn't add users to
/etc/sudoers by default. Configuration is left to the root
administrator.
©2015, 2019 David Egan Evans.