Secondly, many compliance regulations include requirements that encourage or require organisations to implement least privilege policies. Sudo will typically log that a user ran the sudo command, but it does not always show what subsequent commands were run during the superuser session. Further, commands executed in certain shells cannot always be documented.
Next, as sudo is designed as a local solution, it cannot be centrally managed. Each individual Unix machine has its own set of sudo policies and configurations which require individual management and oversight. This can be quite time consuming because sudo users change frequently — new users require privileged access, former employees are terminated — and there is no API to programmatically add or remove user permissions.
In many cases, sudoer files are becoming very large due to changes and additions over time, making them unmanageable and prone to errors. Errors could cause a file to become corrupt and a corrupted sudoer file that is distributed on a production server could impact business continuity by causing scripts to fail and inhibiting other sudo operations. Therefore, sudo is not able to scale in large organisations because the operational effort required to manage sudo becomes unmanageable.
Lastly, this open source solution is also not entirely reliable. Sudo offers the ability for users to invoke a shell in which they can execute all commands, without being documented or recorded and this solution is put into place is to establish controls with root access, yet the ability to work around sudo is essentially built into the solution.
While sudo can be an attractive solution with no acquisition cost, ultimately many organisations realise the hard way that "free" can actually end up costing them a great deal. So before you make the call, make sure you have weighed the pros and cons and explored other alternatives that can deliver a higher level of security, scalability and reliability.
Sign up for MIS Asia eNewsletters.