IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [sudo]

`sudo` is a command that allows a user to use commands with the privileges of another user, usually the root user.

sudo is a command that allows a user to use commands with the privileges of another user, usually the root user.

The difference with su is that su allows a user to become another user, and remain that user until they log out. sudo, by contrast, allows a user to execute one commend with another users privileges.

To use sudo, a user needs to enter their password, to once again verify that they are who they claim to be. Note that it is the user's own password, not the root password, that is required to use sudo.

On some systems, like Ubuntu, the root user is disabled by default, to prevent people from gaining root access by guessing the password. A user with the appropriate sudo privileges can then perform commands with root privileges by prefixing their command with sudo.

78 questions
1
vote
1 answer

Nmap not working as a root

Hi I asked this questions on other forums, and searched on google, but nothing was useful to me. My problem works as a non-privileged used, but whenever I run it as a root, I get: Starting Nmap 7.01 ( https://nmap.org ) at 2016-07-25 16:21…
BetimNeutron
  • 11
  • 2
0
votes
0 answers

sudo with a USERID

This question relates to a comment on a question I posted at https://askubuntu.com/questions/1426688/sudo-with-a-userid-reverting-old-behaviour?noredirect=1#comment2484447_1426688 Specifically, in Ubuntu 18.04 I could run a command like "sudo -u…
davidgo
  • 593
  • 5
  • 11
0
votes
1 answer

Read files protected with System Integrity Protection with sudo

I had a debate with a friend about the security model in new OS X versions. OS X El Capitan and newer have the System Integrity Protection security feature which protects aspects of the OS even from root users. My friend claimed that it's secure by…
Paul
  • 583
  • 5
  • 8
0
votes
0 answers

Using GPG from another user (GNU/Linux)

I want to use gpg from another user (user2), so that the primary user (user1) does not have access to the encrypted file, but only to the part the script will output. Added a sudo rule for user1 to run /bin/gpg as user2. When I try to execute…
NewLinux
  • 625
  • 3
  • 8
0
votes
0 answers

Secure method of creating sudoer password through cloud-init

We have automated a lot of things for server startup via cloud-config, and I want confirmation about whether there is any security concern in the following. users: - name: myuser groups: sudo shell: /bin/zsh ... runcmd: # change…
Augustine Calvino
  • 1
  • 1
0
votes
1 answer

ec2 instance insecure to allow ssh to any ip address

I have a linux instance deployed on AWS EC2. Sorry for my dumb question, but I'll ask anyways just to be safe. Q1. While creating an instance, I set anyone 0.0.0.0:0 for the ssh. Though, on the next step, it asked me to create private/public key…
Nika Kurashvili
  • 105
  • 2
0
votes
0 answers

Resricted Sudo Inside of Jailkit?

Is it possible to enable sudo for a chrooted user (jailkit)? I have nextcoud installed inside of a jailkit chrooted user and I am attempting to get the nextcloud occ command to work correctly. The normal required structure for nextcloud occ is:…
minataur
  • 61
  • 3
0
votes
2 answers

Disable everything but a hidden command for root access

linux security and root access question.... I'm setting up a server that has a validator node running on it for a blockchain. I was trying to harden the security of my server. I set up ufw for all ports but those necessary for the node to operate. I…
user267912
  • 1
0
votes
0 answers

How is doas with persist less secure than sudo?

The cross-platform port of doas, opendoas, has a persist feature that basically caches the user's password so they don't have to enter it repeatedly. It seems like many people consider this insecure. As I understand it, BSD has some fancy kernel…
Artimithe55
  • 209
  • 1
  • 7
0
votes
2 answers

How `sudo` command checks password?

To check the sudo password, we need root permission to even read the /etc/shadow file. But how sudo checks password?
ArianKG
  • 13
  • 5
0
votes
1 answer

security difference between sudo make install versus sudo su make install

Is there a security difference between doing sudo make install versus two step sudo su and then typing make install The reason I'm asking is because a security requirement to install some software says you must type exactly 'make install' (not…
user1709076
  • 149
  • 7
0
votes
0 answers

Reverse sudo - sudo ro untrusted user

I want to split my terminal sessions to different users, to compartmentalize them. If I sudo -i -u user1 in one terminal window, can user1 attack my main session? Everyone talks about sudo to escalate privileges, but I want to reduce them.
Schnoobus
  • 1
0
votes
2 answers

Exectuting sudo command in one line within a non-tty shell

I have access to a server via RCE over http. I can send post requests to the server which results in command execution. I am attempting to escalate privileges via sudo (su is not installed). The server is heavily firewalled with egress filters and…
dd_doriz
  • 1
  • 2
0
votes
3 answers

Does sudo ever de-escalate privilege while the program/command/service is running?

For Example Is it safer to do: $ sudo [cmd] [args] [enter user password] or $ su - [enter root password] # [cmd] [args] I always assumed they are the exact same thing, because sudo utilizes setuid-root, so the process that is run as sudo's…
0x5929
  • 335
  • 4
  • 13
0
votes
2 answers

Sending shutdown command via ssh using sudo non-interactively

With iOS 12 and the new Siri Shortcuts app, I've been thinking of ways I could leverage the SSH command capability in the app. For those of you who don't know, the app allows you to send a bash file or string to stdin and returns stdout as a…
Matt
  • 165
  • 8
1 2 3 4
5
6