Super User Do! (sudo)

sudo (Super User do) is an excellent and yet extremely simple utility.
sudo lets ordinary user to execute commands as super user (root)
Any user can execute privileged program using sudo command.
sudo will ask for that users password before executing any command
(Note it doesn't ask you root password) sudo can be configured to
gain finer control over who can execute what. People can be restricted
to execute certain commands such as halt, reboot etc. Yet they can
execute other commands without providing root password.

sudo configuration can also be stored in LDAP. This allows finer control
over distributed set of machines. All machines can read configuration from
LDAP server which localizes the configuration and management of sudo
for multiple machines.

Ubuntu comes with preconfigured sudo. Ubuntu has null root password
that is no one can log into root account directly. First user who registers on
the ubuntu box is given all privileges through sudo on that machine.
If the privileged person wants to login as root he can do so using

sudo su

The most important feature of sudo is that it enables logging. sudo logs
the commands you execute with the user name. And this is what many
people use it for.

This sounds very good approach in terms of security, but I don't totally
agree with it. Say there are 3 users who have got full privileges with sudo.
All of them can execute any command by providing their own password
to sudo. This means that we now have nearly 3 root equivalent accounts
and 3 root equivalent passwords to protect! Also the configuration is
rather trickier. When I configured sudo I started with exclusion principle.
Users were disallowed to execute certain programs, rest of the programs
can be executed by users. This is really dangerous as the programs which
you are allowing are virtually infinite set, so its always better to use inclusion
principle here. Only allow certain programs can be executed as root.
Maybe rest of the programs can be allowed to run as some less privileged
user or the same user (As pointed out by Milan :D)

All I can say its something very useful for people using it for personal
desktops or in the environment where there are limited users.

Sodores Manual


Daniel said...

sudo is not "super user do." It is "switched user do."

Milan Mehta said...

From the manual, there are a couple of dangerous security flaws -
1. negative (or substractions) of commands from a superset will not work, as the user can copy the file to another name and run that command. (Click here to see details) So we should only use positive lists of commands that a user can execute.
2. The user can invoke a command that allows shell escapes (like vi) and then do anything through the shell. (Click here to see details). Sudu supports a NOEXEC tag, but this needs to be compiled into sudo, and supported by the specific *nix variants only.

Kalpak said...

Yaa.. I Agree Daniel its switched user do in terms of the functionality. But the writer itself refers it as "Super user do." Also people use it more for allowing normal user to execute privileged commands that is normally "root".