We've been using the sudo command throughout the book. In fact, we took a deeper look at it during Chapter 2, Managing Users. Therefore, I won't go into too much detail regarding sudo here, but some things bear repeating as sudo has a direct impact on security.

First and foremost, access to sudo should be locked down as much as possible. A user with full sudo access is a threat, plain and simple. All it would take is for someone with full sudo access to make a single mistake with the rm command to cause you to lose data or render your entire server useless. After all, a user with full sudo access can do anything root can do (which is everything).

By default, the user you've created during installation will be made a member ...