I'm not a sudoer on any box i administrate, and i've apt-get remove'd it from my personal VPSes. It's a little worrying, occasionally you'll run across a shell script that runs sudo for half it's lines and you're not entirely sure why.
Using plain su instead of sudo <command> forces me to enter my password, thereby encouraging a concious decision about whether a command needs to be run as root, and the change in prompt is another reminder to be careful.
The sudo timeout convenience feature is worrisome, but there's no need to remove it entirely from the system [1]. You can set
Defaults timestamp_timeout = 0
in your sudoers file to make sure sudo always prompts for a password. I think this should be default, since the current default of 5 minutes is an easy privilege escalation vector [2].
Also, if you like entering root's password instead of your own, you can set the `runaspw` option.
[1]: Unless you'd like to remove one more possible SUID vulnerability.
[2]: It's far from the only way for a local process to escalate privileges, so I understand it's nothing worth yelling about.
Personally I set the following in /etc/sudoers:
Defaults timestamp_timeout=0,passwd_tries=1
I find not having to enter a password for a certain period of time rather annoying, especially when ssh is lagging or when I am typing without paying much attention. If you so wish, you can also set the option "rootpw" for the above, which will make sudo require the root password.
I also set a small number of specific commands to require no password for sudo, mainly for common things like network configuration and suspending. These are defined for the absolute paths of the executables, and only for my user, so they aren't a security risk.
Using plain su instead of sudo <command> forces me to enter my password, thereby encouraging a concious decision about whether a command needs to be run as root, and the change in prompt is another reminder to be careful.