Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
as far as i understand, sudo is used so the user won't use the root account and it's password.
but what is the difference?
let's say i installed a fresh copy of ubuntu, no root, just sudo that can do exactly the same as root, for better or worse.
even change the password for root.
i fail to understand how sudo is more safe then root.
Click here to see the post LQ members have rated as the most helpful post in this thread.
For a single user environment like Ubuntu sudo is pretty much moot...you are using the root password when you sudo.
Now picture yourself as a Linux admin, you guard your root password like you would guard a signed copy of Ninja Scroll. You don't loan it out to just anyone. So what to do when your two assistant admins need to do stuff as root? SUDO TO THE RESCUE! You add them to the sudo list! Go to the command line and type visudo then follow these directions http://www.go2linux.org/sudoers-how-to .
They can now use their own password to do things as root, but they will never know your own root password. Also there is some logging you can do to see what, when and how they are using that god-like privileged.
Get it now?
EDIT! Also...you can restrict the commands a sudoer can execute...for instance, you can add someone to the sudo user file, but only allow them to reboot or edit certain ip tables.
Typical use of sudo is for a single command at a time. The user should think a bit before performing actions which impact the entire system.
Typical configuration of sudo is to allow only certain users to perform actions as root.
Disallowing root login means the root account can't be brute forced.
None of these things by themselves is perfect. Taken all together they can represent an improvement in security in a carefully managed system.
For single user systems the sudo way may seem unnecessary. IMHO I'm glad to have one more reason to think carefully before performing actions which impact the entire system.
I think it might help to understand that processes/programs that you run when you are logged on get your privileges.
In one scenario, imagine you run a program that has malicious code and it tries to install other software or make system changes, if you are logged on as root it can just go ahead and do it without asking. If you are logged in as a normal user that program would not inherit root permissions and you would be asked to supply a password for it to go ahead. So you only use sudo when you are confident that what you are doing is safe.
1. allow non-root user's to execute root level actions AND
2. restrict the use user to ONLY those actions/cmds specified in sudoers file AND
3. log the cmds used AND
4. have the user use his passwd, NOT root's.
However, Ubuntu has decided to bypass the nicely restrictive design and instead (by default) disable the root acct and automatically FULLY enable the first created non-root acct FULL access via sudo.
This is definitely non-std in the *nix world and causes confusion if such users later on meet a normal system.
Granted that for a single user system (especially at home) it may seem redundant, but it's still good security practice not to abuse it.
What happens if your user acct gets hacked; it can happen even on Linux...
Well, if he get hacked, and has sudo permissions, it's quite a damage.
nevermind, thing are much clearer now.
the fact that the sudo users cant be limited is already makes much sense.
thanks for all the answers
Another thing that's missing in the conversation is that a remote attacker knows the account name of root, so he can attempt a brute-force attack on that account.
To prevent that, you can disable remote login for the root account, and grant sudo access to your personal account. Now the attacker needs to add a near infinite combination of userids to his brute-force attack, adding orders of magnitude of difficulty to pop the box, and rendering the job all but impossible.
And this is why Ubuntu disables root and establishes your personal account as a sudoer with full root access. Ubuntu is a single-user distro, so the assumption is that the guy who installed it is the guy who needs full control.
This is a typical use in a business environment, but it's not the only use. You can configure sudo to take the user's password, root's password, the target's password (if running a command as some account other than root, ex: sudo -u <userid>), or no password at all.
Sudo really is actually moot as a security measure, since anyone can change the root password at anytime simply by typing in 'sudo passwd root', then just enter one password for the next two password requests - user and unix paswords. Then, next time you go into terminal mode, just type in 'su' and enter the password you just created. After that, you are permanently in administrative - or, 'superuser' - mode, as you can see from the '#' prompt. To leave that mode, and the terminal, just keep typing in 'exit' until you are back on the desktop playing Mahjong.
Sudo really is actually moot as a security measure, since anyone can change the root password at anytime simply by typing in 'sudo passwd root', then just enter one password for the next two password requests - user and unix paswords. Then, next time you go into terminal mode, just type in 'su' and enter the password you just created. After that, you are permanently in administrative - or, 'superuser' - mode, as you can see from the '#' prompt. To leave that mode, and the terminal, just keep typing in 'exit' until you are back on the desktop playing Mahjong.
1) This is true for internal users, not at all true for external users.
2) There's no need to go around hacking the root account when "sudo bash" will get you the same result.
3) If this scenario is a concern, sudoers can be denied the passwd command.
since anyone can change the root password at anytime simply by typing in 'sudo passwd root'
That only works if said user is allowed to use sudo. On my own systems I am the only user allowed to use sudo. I can't speak for anyone else's configuration.
The pt is that's only because Ubuntu does it wrong.
sudo should not be automatically available to anyone.
The idea of Unix is that you have root and you have other users. Other users have no access to root cmds.
Someone came up with sudo as a way to allow only specified users to use specified cmds only. These may or may not be root cmds, as noted above, but they would be cmds not normally available to the user.
Ubuntu decided to 'disable' root & default first user to sudo with full rights (and no passwd?). Thereby effectively making first user root.
You can fix this (and should imnsho) on Ubuntu.
On a 'single user' system, you can disable remote root login (a good idea generally) and use 'su -' or full sudo (both using root passwd), then any potential hacker has to guess your acct name and your passwd to get in, then guess the root passwd to go any higher.
Obviously you should have a 'good' passwd for root and for yourself.
ie only allow remote login for yourself, the 'su - ' to get root locally.
Note that in that doc page there are plenty more things you can do to restrict who can login and from where etc etc
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.