In the introduction of the Managing Users and Groups topic, I told you that in a multi-user environment, multiple persons need to have access to the same system. We have seen also that for security reasons, each individual must have his/her own user account. This ensures authenticity, authority, and accountability. In the last four articles, the main focus was on authentication, i.e. creating user’s credentials: user account and password. In this article, we will concentrate our attention to the authorization part. Have a nice reading.
What is Authorization?
Authorization is concerned with granting or denying the user the authority to do something. So, in the authorization process, the system determines whether a specific subject (user or process) has the permission to access or execute what he/she/it trying to do or not.
The root User
As we said before, the root user is the superuser in UNIX and Linux operating systems. It has almost the complete power on the machine. As a root, you have full permissions on all files and directories in the file system structure. You have also the full privileges to execute all commands, even the most harmful ones. For this reason, the root password should be kept secure, and known to a very limited number of administrators. In all cases, users shouldn’t log in as root. Instead, they should use their own non-root accounts, and in case they need to do some certain tasks that require admin privileges, they could escalate their privileges and achieve the task.
To escalate your privileges, UNIX and Linux have two useful tools: the switch user utility su, and the run as utility sudo. So, let’s talk about them.
The su Command
The su command runs a shell with another user and group IDs. It changes the effective user ID and group ID to that of the user we switched to.
su [OPTIONs] [COMMAND] [-] [USERNAME]
In its simplest and most used form, the su command takes only one argument –
This prompts the user to enter the root password. If the right password was entered, a login shell is started using the context of the root user.
This is equivalent to logging in as root, but with one benefit: knowing who was the original user that logged in to the system before switching to root. This will guarantee that this user will be accountable for any actions done during this session.
Note: – Once you become root, you can switch to any other user without having to type a password.
The sudo Command
Despite the accountability benefit of using the su command, the user is now having full power on the machine, as he has an open shell using root. This opens the door wide for possible accidental damages that may occur due to command typos. In addition, for an admin to switch to root, he must know the root password. So, what if your team has 5 or 6 administrators with different administrative roles? Should they all know the root password? And if so, would that be a security?
The sudo command offers a better approach. It allows a permitted user to execute a command as the superuser or as another user.
Now, the system admin could grant a user or group of users the privileges to run one command or multiple commands. The user will be prompted to type his own password. This way, an authorized user can run an administrative command without need to know the root password, and without need to login as root. This approach has the following benefits:
- The root password remains secure.
- Eliminates possible intentional and accidental damages that may occur due to harmful commands.
- Gives the system admin the capability to delegate administrative tasks to different users and groups based on their jobs. This is configured in the /etc/sudoers file.
In this article, we started tackling the Privilege Escalation topic.
- In the authorization process, the system determines whether a specific user has the privilege to execute a certain task.
- The root user is the superuser in UNIX and Linux systems.
- The root user has the user ID 0.
- The su command switches to another user. It starts a shell with effective user ID and group ID of the user being switched to.
- The sudo command executes a command as another user.
In the next article, we will continue with Privilege Escalation. See you.