Language Selection

English French German Italian Portuguese Spanish

Sudo: Why Ubuntu does it right

Filed under
Ubuntu

One of the most famous Linux debates on the internet is over Ubuntu's security model of using sudo to administrate a machine and disabling the traditional root login via su. For many experienced Linux and unix sysadmins, such behavior is strange and foreign, and many people change sudo on Ubuntu to behave like "normal." I, on the other hand, have gradually come to believe that not only is the Ubuntu way good, it is actually better! In this post I'll attemp to explain why. You can read the long-winded official explanation of why Ubuntu uses sudo, but I'll attempt to summarize. Basically, there are two main benefits to the Ubuntu sudo model that I see:

1. Disabling the root account entirely provides an extra layer of security from remote hackers.

2. Using sudo adds an extra layer of abstraction in the security model.

rest here




re: Sudo

Yes, if you're too stupid to understand how permissions work, then I guess typing SUDO EVERYTHING is the only way to protect you from yourself.

Sudo in Ubuntu is no better (or worse) then UAC in Vista.

And disabling root, but leaving sudo enabled DOES NOTHING to increase security.

Personally, my computers work for me, and not the other way around (of course I have a IQ considerably higher then 80, so I'm not the typical user that Unoobtu targets).

re: re: Sudo

Vonskippy wrote:
And disabling root, but leaving sudo enabled DOES NOTHING to increase security.

Yes, the use of sudo has to be the biggest and most unnecessary time-waster in all of Linux.

I've been running Linux for

I've been running Linux for 10 years and never been remote hacked. That is because I dont run as root and use a strong root password. If I got into a ubuntu box couldnt I just sudo anything I wanted?

no, you couldn't,

because the default behavior of sudo in ubuntu is to ask the use to AUTHENTICATE. They need to know the user's password to sudo, but first they need to know the username to login at all. A remote hacker (especially a bot) would have no idea what users are on a system in the first place anyways.

However, you're right, not running as root is the same idea as using sudo. You just open up a shell with su and do your commands, then close the root shell. That is how a good sysadmin works, I'm simply arguing that using sudo is the same idea as that, taken one step further.

Sudo is less secure...

By using the USER password, Sudo is less secure. A better way would be to require a second Sudo password for each user in the sudoers list.

Also, I agree with vonskippy. It simply does nothing to increase security and is just a nuscance like UAC. I also don't like distros that attempt to protect me from myself. This is a Microsoft way of thinking and exactly why security is so lax an home computers. People need to be educated more about them so that they learn how to do it right and not rely on someone else to secure it.

Not the same as UAC

Hi, this is the author of the blog post. I can't believe my blog actually made it to tuxmachines. Big Grin omg I feel special.

Anywho, to address some of the comments, I wasn't really intending to compare sudo to UAC, rather I was comparing it to the tradition su method seen in other linux distros. However.... I cannot stress enough that sudo is NOT the same as vistas UAC. sudo forces you to authenticate, UAC merely asks if you're really sure you want to do that. This is more secure, period. In Linux, the administrator is clearly separated from the user. I am an educated linux user, and I do understand how permissions work, yet I still prefer to use sudo. Why? because I am protecting myself. When I use sudo, I'm saying "this, and only this process may run as root. Here's my password to prove it's okay to do this." When I click on yet another UAC prompt, I'm saying "yes I want to run the stupid program that I JUST TOLD YOU TO RUN. OK."

Also, the protection against remote hackers is less of an issue for a regular desktop and more of an issue for a web server connected directly to the internet. For such a server, this is a very, very, important issue, since you can get bombarded by bots all the time just trying to connect in various ways, simply because the server is there. I've seen it happen.

Family Computer

If I have a family computer where 3-4 people can use it. Do they all have the ability to install/remove software on it using sudo?

re:Family Computer

No, they don't all have access unless you add them to the "admin" group in Ubuntu. When you install Ubuntu, the first account (which is created during the install) is part of this admin group, and has privileges to use sudo. Who can and cannot use sudo to do various tasks can be fine-tuned in the /etc/sudoers file, but by default, only the first user can sudo.

Admin group - enabled by default on Ubunt

scarter4 wrote:
No, they don't all have access unless you add them to the "admin" group in Ubuntu. When you install Ubuntu, the first account (which is created during the install) is part of this admin group, and has privileges to use sudo. Who can and cannot use sudo to do various tasks can be fine-tuned in the /etc/sudoers file, but by default, only the first user can sudo.

OK, there are flaws there. You are assuming that every user is set up as a different user but the gist of the original question, seemed to me, to imply that everyone was using the same login. What then?
I don't use ubuntu. I have one user and root. Anyone in my family can access usr but only I can access root.
What would be the situation on a similar setup in Ubuntu?
I think Ubuntu is flawed in their admin at setup route as most ubuntu users have migrated from Windows and don't do separate user setups. Add in auto login and you have a system open to borks by people fiddling. For this reason I'd never have Ubuntu in a school for example.
User and root is the way to go and if you do want to Sudo then at least prompt for a separate root password.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Linux Devices, Tizen, and Android

Leftovers: OSS

  • SAP buys into blockchain, joins Hyperledger Project
  • foss-north speaker line-up
    I am extremely pleased to have confirmed the entire speaker line-up for foss north 2017. This will be a really good year!
  • Chromium/Chrome Browser Adds A glTF Parser
    Google's Chrome / Chromium web-browser has added a native glTF 1.0 parser. The GL Transmission Format, of course, being Khronos' "3D asset delivery format" for dealing with compressed scenes and assets by WebGL, OpenGL ES, and other APIs. There are glTF utility libraries in JavaScript and other web-focused languages, but Google adding a native glTF 1.0 parser appears to be related to their VR push with supporting VR content on the web. Their glTF parser was added to Chromium Git on Friday.
  • Sex and Gor and open source
    A few weeks ago, Dries Buytaert, founder of the popular open-source CMS Drupal, asked Larry Garfield, a prominent Drupal contributor and long-time member of the Drupal community, “to leave the Drupal project.” Why did he do this? He refuses to say. A huge furor has erupted in response — not least because the reason clearly has much to do with Garfield’s unconventional sex life. [...] I’ll unpack the first: open-source communities/projects are crucially important to many people’s careers and professional lives — cf “the cornerstone of my career” — so who they allow and deny membership to, and how their codes of conduct are constructed and followed, is highly consequential.
  • Hazelcast Releases 3.8 – The Fastest Open Source In-Memory Data Grid
  • SecureDrop and Alexandre Oliva are 2016 Free Software Awards winners
  • MRRF 17: Lulzbot and IC3D Release Line Of Open Source Filament
    Today at the Midwest RepRap Festival, Lulzbot and IC3D announced the creation of an Open Source filament. While the RepRap project is the best example we have for what can be done with Open Source hardware, the stuff that makes 3D printers work – filament, motors, and to some extent the electronics – are tied up in trade secrets and proprietary processes. As you would expect from most industrial processes, there is an art and a science to making filament and now these secrets will be revealed.
  • RApiDatetime 0.0.2

Security Leftovers

  • NSA: We Disclose 90% of the Flaws We Find
    In the wake of the release of thousands of documents describing CIA hacking tools and techniques earlier this month, there has been a renewed discussion in the security and government communities about whether government agencies should disclose any vulnerabilities they discover. While raw numbers on vulnerability discovery are hard to come by, the NSA, which does much of the country’s offensive security operations, discloses more than nine of every 10 flaws it finds, the agency’s deputy director said.
  • EFF Launches Community Security Training Series
    EFF is pleased to announce a series of community security trainings in partnership with the San Francisco Public Library. High-profile data breaches and hard-fought battles against unlawful mass surveillance programs underscore that the public needs practical information about online security. We know more about potential threats each day, but we also know that encryption works and can help thwart digital spying. Lack of knowledge about best practices puts individuals at risk, so EFF will bring lessons from its comprehensive Surveillance Self-Defense guide to the SFPL. [...] With the Surveillance Self-Defense project and these local events, EFF strives to help make information about online security accessible to beginners as well as seasoned techno-activists and journalists. We hope you will consider our tips on how to protect your digital privacy, but we also hope you will encourage those around you to learn more and make better choices with technology. After all, privacy is a team sport and everyone wins.
  • NextCloud, a security analysis
    First, I would like to scare everyone a little bit in order to have people appreciate the extent of this statement. As the figure that opens the post indicates, there are thousands of vulnerable Owncloud/NextCloud instances out there. It will surprise many just how easy is to detect those by trying out common URL paths during an IP sweep.
  • FedEx will deliver you $5.00 just to install Flash
    Bribes on offer as courier's custom printing service needs Adobe's security sinkhole

GNOME Extensions Website Has A New Look

Every GNOME Shell user will visit the official GNOME Shell Extensions website at least once. And if those users do so this weekend they’ll notice a small difference as the GNOME Shell Extensions website is sporting a minor redesign. This online repo plays host to a stack of terrific add-ons that add additional features and tweak existing ones. Read more