LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Command SU (https://www.linuxquestions.org/questions/linux-newbie-8/command-su-595240/)

reiko007 10-28-2007 10:59 AM
Command SU
 
1. Well command su is used to switch user i used this command as a normal user to switch on to root and it prompted for password, I entered it and then worked with root prompt, but my question is if i am gonna know the root password then i can log-in as root and do all stuffs so why linux has this unsecured command or if my perception is wrong then in which place this SU command can be used???????

2. I want to learn about /proc filesystem please get me some links to have an insight knowledge about it.

Jim44 10-28-2007 11:16 AM
Quote:
Originally Posted by reiko007 (Post 2939794)
1. Well command su is used to switch user i used this command as a normal user to switch on to root and it prompted for password, I entered it and then worked with root prompt, but my question is if i am gonna know the root password then i can log-in as root and do all stuffs so why linux has this unsecured command or if my perception is wrong then in which place this SU command can be used???????
It is assumed that you only give the root password to trusted individuals. Ubuntu, for instance, has the root password disabled and only allows sudo access. To use sudo you have a special entry in the /etc/sudousers file. By default, you can't su to root on Ubuntu. You can do the same if you like.

Quote:
Originally Posted by reiko007 (Post 2939794)
2. I want to learn about /proc filesystem please get me some links to have an insight knowledge about it.
Here are a couple of links:


http://linuxgazette.net/issue46/fink.html
http://www.linuxjournal.com/article/8381

Try google.com for linux proc filesystem if you need more info.

Jim.

Disillusionist 10-28-2007 11:18 AM
Quote:
Originally Posted by reiko007 (Post 2939794)
if i am gonna know the root password then i can log-in as root and do all stuffs so why linux has this unsecured command or if my perception is wrong then in which place this SU command can be used???????
The point you seem to have missed is down to security. If you routinely log in as root, then you can do anything (even things you don't want to).

If you log in as a standard account, there is a limit to what you can break. When you need to run a command as root you can su to root.

Additionally if you run su I would suggest you use:

Code:
su -
This runs root's startup scripts, which will change the PATH environment variable (amongst other things). This stops issues where the PATH variable has been set wrong example of a dangerous PATH:

Code:
PATH=.:/bin:/sbin:/usr/bin:/usr/sbin:~
In this example, a command would be run from the current working directory, before searching /bin /sbin /usr/bin /usr/sbin an attacker could place a modified version of a command (example ls) in a common area (/tmp) and this could be run as root following an su

This could increase the powers that the attacker has.

pixellany 10-28-2007 11:21 AM
Why are you saying that "su" is unsecured? You can't get root privileges without the password---regardless of whether you use su.

/proc is a virtual directory that allows you to see all the data structures maintained by the kernel. Some of the entries are self-explanatory--others will make no sense unless you know how the kernel works.

tredegar 10-28-2007 12:42 PM
@reiko007
About su and sudo

Not all users are allowed to use these commands to gain root priviledges. This is explained in the file /etc/sudoers

You probably have just one user on your system (yourself). Most installations grant the first user sudo root priviledges, others probably will not be allowed, unless you explicitly allow it when you create the new user.

On my distro, only users belonging to the group admin are allowed to su to root. So, when I create new accounts for users I do not wish to grant root access to, I make sure they are not members of the group admin. Then they can't do it :)

Hope this helps

pixellany 10-28-2007 04:26 PM
On my system any user can use su--not necesary to be in the admin group.
I have never seen it otherwise...was your distro like this out of the box, or did you modify?

tredegar 10-29-2007 02:58 AM
It's kubuntu 6.06.1, out of the box, security not modified.
Users not in the admin group can su to users other than root, but only if they know that user's password
Users not in the admin group cannot su root
Users not in the admin group cannot sudo
File /etc/sudoers
Code:
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults

Defaults        !lecture,tty_tickets,!fqdn

# User privilege specification
root    ALL=(ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
Code:
sutest@vaio:/home/sutest$ groups
sutest
sutest@vaio:/home/sutest$ su root
Password:
su: Authentication failure
Sorry.
sutest@vaio:/home/sutest$ sudo -i
Password:
sutest@vaio:/home/sutest$
No "Authentication failure" for the sudo -i, it just didn't work. I assumed all distros that use sudo worked like this.

reiko007 10-31-2007 07:07 PM
Well thanks a lot!!!!! but now i have encountered some issues that when i sudo with my password
the authentication stays only for a few minutes i want to change the time duration which file do i have to edit?

tredegar 11-01-2007 10:47 AM
As usual, the man command is useful here. Try :
man sudo
man sudoers


All times are GMT -5. The time now is 07:10 PM.