Language Selection

English French German Italian Portuguese Spanish

Sudo: Why Ubuntu does it right

Filed under
Ubuntu

One of the most famous Linux debates on the internet is over Ubuntu's security model of using sudo to administrate a machine and disabling the traditional root login via su. For many experienced Linux and unix sysadmins, such behavior is strange and foreign, and many people change sudo on Ubuntu to behave like "normal." I, on the other hand, have gradually come to believe that not only is the Ubuntu way good, it is actually better! In this post I'll attemp to explain why. You can read the long-winded official explanation of why Ubuntu uses sudo, but I'll attempt to summarize. Basically, there are two main benefits to the Ubuntu sudo model that I see:

1. Disabling the root account entirely provides an extra layer of security from remote hackers.

2. Using sudo adds an extra layer of abstraction in the security model.

rest here




re: Sudo

Yes, if you're too stupid to understand how permissions work, then I guess typing SUDO EVERYTHING is the only way to protect you from yourself.

Sudo in Ubuntu is no better (or worse) then UAC in Vista.

And disabling root, but leaving sudo enabled DOES NOTHING to increase security.

Personally, my computers work for me, and not the other way around (of course I have a IQ considerably higher then 80, so I'm not the typical user that Unoobtu targets).

re: re: Sudo

Vonskippy wrote:
And disabling root, but leaving sudo enabled DOES NOTHING to increase security.

Yes, the use of sudo has to be the biggest and most unnecessary time-waster in all of Linux.

I've been running Linux for

I've been running Linux for 10 years and never been remote hacked. That is because I dont run as root and use a strong root password. If I got into a ubuntu box couldnt I just sudo anything I wanted?

no, you couldn't,

because the default behavior of sudo in ubuntu is to ask the use to AUTHENTICATE. They need to know the user's password to sudo, but first they need to know the username to login at all. A remote hacker (especially a bot) would have no idea what users are on a system in the first place anyways.

However, you're right, not running as root is the same idea as using sudo. You just open up a shell with su and do your commands, then close the root shell. That is how a good sysadmin works, I'm simply arguing that using sudo is the same idea as that, taken one step further.

Sudo is less secure...

By using the USER password, Sudo is less secure. A better way would be to require a second Sudo password for each user in the sudoers list.

Also, I agree with vonskippy. It simply does nothing to increase security and is just a nuscance like UAC. I also don't like distros that attempt to protect me from myself. This is a Microsoft way of thinking and exactly why security is so lax an home computers. People need to be educated more about them so that they learn how to do it right and not rely on someone else to secure it.

Not the same as UAC

Hi, this is the author of the blog post. I can't believe my blog actually made it to tuxmachines. Big Grin omg I feel special.

Anywho, to address some of the comments, I wasn't really intending to compare sudo to UAC, rather I was comparing it to the tradition su method seen in other linux distros. However.... I cannot stress enough that sudo is NOT the same as vistas UAC. sudo forces you to authenticate, UAC merely asks if you're really sure you want to do that. This is more secure, period. In Linux, the administrator is clearly separated from the user. I am an educated linux user, and I do understand how permissions work, yet I still prefer to use sudo. Why? because I am protecting myself. When I use sudo, I'm saying "this, and only this process may run as root. Here's my password to prove it's okay to do this." When I click on yet another UAC prompt, I'm saying "yes I want to run the stupid program that I JUST TOLD YOU TO RUN. OK."

Also, the protection against remote hackers is less of an issue for a regular desktop and more of an issue for a web server connected directly to the internet. For such a server, this is a very, very, important issue, since you can get bombarded by bots all the time just trying to connect in various ways, simply because the server is there. I've seen it happen.

Family Computer

If I have a family computer where 3-4 people can use it. Do they all have the ability to install/remove software on it using sudo?

re:Family Computer

No, they don't all have access unless you add them to the "admin" group in Ubuntu. When you install Ubuntu, the first account (which is created during the install) is part of this admin group, and has privileges to use sudo. Who can and cannot use sudo to do various tasks can be fine-tuned in the /etc/sudoers file, but by default, only the first user can sudo.

Admin group - enabled by default on Ubunt

scarter4 wrote:
No, they don't all have access unless you add them to the "admin" group in Ubuntu. When you install Ubuntu, the first account (which is created during the install) is part of this admin group, and has privileges to use sudo. Who can and cannot use sudo to do various tasks can be fine-tuned in the /etc/sudoers file, but by default, only the first user can sudo.

OK, there are flaws there. You are assuming that every user is set up as a different user but the gist of the original question, seemed to me, to imply that everyone was using the same login. What then?
I don't use ubuntu. I have one user and root. Anyone in my family can access usr but only I can access root.
What would be the situation on a similar setup in Ubuntu?
I think Ubuntu is flawed in their admin at setup route as most ubuntu users have migrated from Windows and don't do separate user setups. Add in auto login and you have a system open to borks by people fiddling. For this reason I'd never have Ubuntu in a school for example.
User and root is the way to go and if you do want to Sudo then at least prompt for a separate root password.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.