Originally Posted by evermooingcow
I actually don't use sudo much either. I use it on my laptop so that I can run shutdown and hibernate without a password.
If you're allowing passwd and visudo through sudo as above isn't it the same as giving out your root password?
with how ubuntu setups sudo, the first account created is allowed full super user privileges using sudo+user password, so sudo setup initially in ubuntu is very powerful, and if you know the original user account password, you can do anything you please.
now any other additional created users, you have to add to the sudo group, and %wheel is typically the group granted full Super User privileges.
that way is only one of many ways to setup sudo.
typically if you were to deploy sudo in a large userbase, you wouldn't want everyone in the %wheel group to have full super user privilages, would totally make linux security useless.
so you would create a variety of groups, and give them different SU privileges, which you can setup in the sudoers file it /etc. you could give the wrong privilege to a user, which they could use to escalate to gain full root control over the system, which could be "damaging".
i'm like others here, i don't use sudo very often, i use to have it completely disabled, but i do find it at times faster to issue a single command thru sudo, so incase i forget to exit out of su, and some one comes along and does something "damaging" to my system.