Sudo vs su root9/27/2023 ![]() It's important to consider what Sudo was designed for originally: delegation of specific commands (like those to manage printers) to "sub-administrators" (perhaps grad students in a lab) without giving away root completely. Sudo doesn't protect against that very well at all - if they have your password, after all, no need to try tricking you for later. LD_PRELOAD and PATH attacks like those you describe assume that there is an attacker with access to your account already, or at least to your dotfiles. Just like the proverbial server which is in a safe, unplugged, at the bottom of the ocean, root would be most secure if there were no way to access it at all. Security is always about making trade-offs. But using the above logic wouldn't this be the safest thing to do: What about SSH? Traditionally root can't log in through SSH. So am I missing something? Why did the Ubuntu guys decide to only allow sudo? What can I do to improve the security of any of the methods? Besides that the only problem I see is the lack of timeout. I don't know if programs running on X can intercept ++ (and open a fullscreen window that looks like a console) or it is safe like ++ on Windows. The keypress events can't be intercepted by programs running on X. Since it is started by init if an attacker can control PATH or LD_PRELOAD he is already root. Login on a text-mode console seems to be the safest. Some operations (especially IO redirection) are more convinient with su but security-wise this seems to be worse. ![]() I have the same doubts about su but it doesn't even have time limit. The only advantage I can see is the timeout so I never forget to log out. For example adding aliases, adding stuff to my PATH, setting LD_PRELOAD and X11 keyloggers just to mention a few. There are too many things that can go wrong if an attacker can run code as my normal user. However I am not sure it is any safer than just using login on a text-mode console. On Ubuntu you can only use sudo for "security reasons" by default. In addition, most sh scripts can be run by Bash without modification.I would like to have the root account in safety even if my unprivileged user is compromised. It offers functional improvements over sh for both programming and interactive use. It is intended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. Bash is an sh-compatible shell that incorporates useful features from the Korn shell (ksh) and C shell (csh). This command runs "bash" as a super user.īash is the shell, or command language interpreter. The sh utility is a command language interpreter that shall execute commands read from a command line string, the standard input, or a specified file. ![]() This is where sudo comes in - it allows authorized users (normally "Administrative" users) to run certain programs as Root without having to know the root password. However, since the Root account physically exists it is still possible to run programs with root-level privileges. ![]() This means that you cannot login as Root directly or use the su command to become the Root user. This command is used to login at root account.īy default, the Root account password is locked in Ubuntu. In some cases, this is necessarily Root, but most of the time it is a regular user. Ideally, you run as a user that has only the privileges needed for the task at hand. You could type a command incorrectly and destroy the system. The SuperUser can do anything and everything, and thus doing daily work as the SuperUser can be dangerous. In Linux (and Unix in general), there is a SuperUser named Root.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |