Security difference between changing permissions versus using sudo to execute

Question

If there is a program written by a normal user that requires root privileges (eg. a program that interacts with root processes) what is the difference between running this program using sudo vs. changing the program permissions with chown root and chmod +s from a security perspective?

Answer 1

It hardly makes a difference, but with some caveats

Firstly, lets get two things out of the way first:

1. using chown root and chmod +s on a binary makes it a SUID (Set User ID) binary. I tell you this so it's easier to look up more information if you so please.

2. sudo itself is a SUID binary.

Because both methods allow a normal user to run the application as root, if everything is set up correctly there is no difference whatsoever.

But it's easier to mess up sudo privileges configurations than to mess up SUID binaries.

Some possible outcomes of misconfigurations or errors would be:

• The ability to sudo an application of the same name (if the path set in sudo permissions isn't abolute)
• If you move the application (and are using an absolute path) and you forget to change the sudo path, the user can no longer sudo the application.
  • Ever worse, if you the user can write to the old path it can now create a new binary with the old name and location and sudo it
  • The above also applies if you delete the binary

A small note about SUID binaries, some applications (like bash run without -p) drop the SUID bit when ran, thus dropping privileges back to those of the normal user.

Also, from time to time a sudo exploit is discovered. These usually require the user to be able to sudo something and therefor aren't usually if the user can't sudo anything at all. But frankly I would consider that a minor issue, but worth mentioning here nevertheless.

I would just use a SUID