I hate sudo with a passion. It represents everything I find offensive about the modern Unix security model: like su, it must be a SUID binary to work it is monolithic: everything sudo does runs as root, there is no privilege separation it uses a non-declarative and non-hierarchical configuration format leading to forests of complex access-control policies and user errors due to lack of concision it supports plugins to extend the policy engine which run directly in the privileged SUID process I could go on, but hopefully you get the point.