Why Is It Called 'sudo'? — The Origin of the Term

A user sits at a terminal. They need to install software, but they’re not logged in as root. On older Unix systems, that meant either logging out and back in as root — interrupting their session — or asking the sysadmin to type a password. The modern solution is a single four-letter command prefixed to whatever they need to run: sudo. But where did “sudo” come from, and what does it actually mean?

The Story

In 1980, the Computer Science Department at SUNY Buffalo had a problem. Faculty and students needed to perform administrative tasks, but giving everyone the root password was a security disaster. The existing su command (switch user) required knowing the target user’s password, which meant sharing the root password — exactly what they wanted to avoid.

Two programmers, Bob Coggeshall and Cliff Spencer, created a solution they called “the do command.” It allowed specified users to execute commands as the superuser without knowing the root password. Configuration was handled through a simple file that listed which users could run which commands. They called it sudo — short for “superuser do.”

The original implementation was modest: a setuid binary that checked a configuration file (/etc/sudoers) and, if authorized, executed the requested command as root. No logging, no timeout, no fancy options. Just a simple check and execute.

How It Evolved

The sudo command spread from SUNY Buffalo to other universities, then to Unix workstations, then to Linux. By the late 1990s, it had become the de facto standard for privilege elevation in Unix-like systems. Key milestones:

• 1986: Steve Miller at SUNY Buffalo rewrote sudo with proper logging and sudoers file parsing.
• 1991: A graduate student at UC Davis took over maintenance.
• 1994: The current maintainer, Todd C. Miller, began developing sudo into what it is today.
• 1999: Sudo 1.6 introduced the sudoers plugin architecture.
• 2010: Sudo 1.8 added modular plugin support, LDAP integration, and enhanced auditing.

The sudo command replaced the old model of sharing root passwords. Instead of five people knowing the root password, you added those five users to the wheel group (or the sudo group on Debian-based systems) and configured sudoers to let group members run administrative commands.

The name becomes obvious once you know it: su (superuser) + do (execute). Say it fast and you get “sudo.” But the pronunciation varies — some say “soo-doh” (like pseudo), others say “soo-doo.”

Did You Know?

The original do command at SUNY Buffalo was a separate program, not a prefix. You would type do command instead of sudo command. The su prefix was added later to make the privilege escalation explicit.

The sudoers file must be edited with visudo, which locks the file and validates syntax before saving. This prevents configuration errors that could lock everyone out of root access. A common trope: “Always use visudo. Your sysadmin self will thank you.”

Modern alternatives include doas (from OpenBSD, 2015), which is smaller and simpler than sudo. But sudo’s massive ecosystem — plugins, LDAP, audit logs, session recording — has kept it dominant. Ubuntu’s decision to default to sudo (instead of a root login shell) cemented sudo’s place in the Linux mainstream.

The “sudo” etymology is so natural that it’s been backronymed as “substitute user do” or “switch user do,” since sudo can also run commands as any user, not just root. But the original name was always “superuser do.”

FAQ

Related Etymologies