Why does a simple user password allow root access on Ubuntu?

1

1

I have a client whom I set up with a Linux machine. He isn't very tech savvy, and obviously just needed a simple password to log onto Ubuntu with. His username and password are something like:

user: John
password: GoodDeals

On the other hand, the root password on the machine is much more complex, and is something only I should have access to.

But when I use the command:

sudo su -

Ubuntu prompts for John's simple password and then grants root access to the entire machine.

This could be an issue, as once an employee knew the simple password to log onto the machine, they could essentially gain root access with it.

Is this intended behavior?

Why does knowing a user account password automatically give you root access?

some1

Posted 2016-03-26T20:42:15.270

Reputation: 454

You can configure which users/groups can use sudo and what commands they can run with sudo. – Tom Yan – 2016-03-26T20:57:41.327

Should root be in the sudo group? I realized I need to remove John from sudo, but root isn't in there. Should it be? – some1 – 2016-03-26T20:58:38.200

No. The default /etc/sudoers has a line for root. – Tom Yan – 2016-03-26T21:12:59.457

Obligatory https://xkcd.com/1200/ – user1686 – 2016-10-18T07:16:20.223

Answers

2

Figured out John was in the sudo group when he shouldn't have been. Removed John from sudo using this command:

gpasswd -d john sudo

And this resolved the issue. If he tries to escalate privileges now he is unable to.

some1

Posted 2016-03-26T20:42:15.270

Reputation: 454

Something worth remembering is that Ubuntu automatically assumes the first user you add (during install) is the admin. I personally just set up my default admin account, then add any un(der)privileged accounts as needed later. – Journeyman Geek – 2016-10-22T01:04:38.497

4

By default, the Ubuntu distribution of Linux comes with root login disabled and the root password unset, so to raise his privilege level a user needs to run commands with sudo, and that is permitted only when the user is a sudoer (has an entry in the sudoers file), which in brief looks as follows:

# Members of the admin group may gain root privileges
%admin  ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# Root and users in group wheel can run anything on any machine as any user
root            ALL = (ALL) ALL
%wheel          ALL = (ALL) ALL

# Full time sysadmins can run anything on any machine without a password
FULLTIMERS      ALL = NOPASSWD: ALL

# Part time sysadmins may run anything but need a password
PARTTIMERS      ALL = ALL

And the command that you are running is

sudo /sbin/su -

which, when run by a sudo user, will not prompt for a password (the sudo password, not the root password) if the RootSudoTimeout has not yet expired. To restrict this:

# john may su only to operator
john        ALL = /usr/bin/su operator

# john may su to anyone but root and flags are not allowed
john        ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*

8zero2.ops

Posted 2016-03-26T20:42:15.270

Reputation: 268
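As an added illustration (not code from any of the answers), here is a small POSIX sh audit helper that answers the question the way a sysadmin would check it: it takes /etc/group-style content and sudoers-style content and reports which groups give a user the ability to run ALL commands via sudo. The group and sudoers data below are constructed samples, not from a real machine; the function names are my own.

```sh
#!/bin/sh
# Constructed sample /etc/group content: john is in adm and sudo.
SAMPLE_GROUP='root:x:0:
adm:x:4:syslog,john
sudo:x:27:john
admin:x:110:
operator:x:111:'

# Constructed sample sudoers content (Ubuntu-style defaults).
SAMPLE_SUDOERS='# User privilege specification
root    ALL=(ALL:ALL) ALL
%admin  ALL=(ALL) ALL
%sudo   ALL=(ALL:ALL) ALL'

# groups_of USER GROUP_CONTENT -> one line per group whose member list contains USER
groups_of() {
    printf '%s\n' "$2" | awk -F: -v u="$1" '
        { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) print $1 }'
}

# sudo_groups SUDOERS_CONTENT -> names of %group entries whose command list is ALL
sudo_groups() {
    printf '%s\n' "$1" | awk '
        /^[[:space:]]*#/ { next }
        $1 ~ /^%/ && $NF == "ALL" { sub(/^%/, "", $1); print $1 }'
}

# user_sudo_groups USER GROUP_CONTENT SUDOERS_CONTENT
# -> the groups through which USER can run any command as root via sudo
user_sudo_groups() {
    ug=$(groups_of "$1" "$2")
    sg=$(sudo_groups "$3")
    for g in $ug; do
        for s in $sg; do
            [ "$g" = "$s" ] && printf '%s\n' "$g"
        done
    done
    return 0
}

# Stand-alone run: shows "sudo" for john and nothing for syslog.
user_sudo_groups john "$SAMPLE_GROUP" "$SAMPLE_SUDOERS"
user_sudo_groups syslog "$SAMPLE_GROUP" "$SAMPLE_SUDOERS"
```

On a live system the equivalent checks are `id john` (group membership) and `sudo -l -U john` (what sudoers actually grants), and the fix is the one given in the accepted answer, `gpasswd -d john sudo`.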

2

Knowing a user account password doesn't give root access automatically. Sudo is intended for root access for privileged users like your John, using the user's password, in contrast to su, which needs root's password to execute any command. Show the output of the id command for John. I suppose you've set your Ubuntu up with this username, so that John is in the sudo group by default.

Oleg Bolden

Posted 2016-03-26T20:42:15.270

Reputation: 1 507

"John is in sudo group by default." -- good to know how that happened. – some1 – 2016-04-07T00:06:08.020