On a system that uses sudo (like Ubuntu's standard account setup), having access to a non-root administrative user account (with sudo privileges) is equivalent to having root access. And nobody can fool themselves into thinking this isn't the case, because the account is explicitly flagged as "this account can become root."
Because the exploit in the article exists, on a system that uses su, having access to a non-root administrative account (that accesses root regularly through su) is equivalent to having root access. But it's not as obvious that this is the case.
This means the sudo setup is more secure (with respect to this exploit), because it doesn't pretend to have a level of security it doesn't actually have.
Because the exploit in the article exists, on a system that uses su, having access to a non-root administrative account (that accesses root regularly through su) is equivalent to having root access. But it's not as obvious that this is the case.
This means the sudo setup is more secure (with respect to this exploit), because it doesn't pretend to have a level of security it doesn't actually have.