How user(s) rights and root rights are guarded and protected and kept unmodified?
Supposing a user wants to do ls /etc or ls /root, they will get "Permission denied. (error 13)".
How is this watched?
I suppose that there is a service constantly monitoring what any user is doing, right?
If so, wouldn't it be easy for a malicious user to kill that service or make it crash in order to get root privileges?
Is there any way to bypass root privileges or to add "custom" privileges to any given user without being root?
Thank you in advance!
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
> IAMNewbie wrote: Sat Mar 04, 2023 3:58 am
> Is there any way to bypass root privileges or to add "custom" privileges to any given user without being root?

Yes..
(I'd even posted that in a dedicated thread. However I see that it's been deleted). Therefore it may be better to simply keep additional users out of group sudo, in multi-user environments. (In a nutshell: to prevent access to visudo and polkit via sudo)
- dolphin_oracle
- Developer
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
There is not a service watching all the time, at least not in the way you think. Permissions are baked into the file systems and the kernel follows those permissions. Not all file systems feature permissions though.
The sudo service does run but it manages elevating user privileges to root/admin level. It does not monitor file system permissions.
http://www.youtube.com/runwiththedolphin
lenovo ThinkPad X1 Extreme Gen 4 - MX-23
FYI: mx "test" repo is not the same thing as debian testing repo.
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
> Huckleberry Finn wrote: Sat Mar 04, 2023 6:59 am
> > IAMNewbie wrote: Sat Mar 04, 2023 3:58 am
> > Is there any way to bypass root privileges or to add "custom" privileges to any given user without being root?
>
> Yes..
> (I'd even posted that in a dedicated thread. However I see that it's been deleted). Therefore it may be better to simply keep additional users out of group sudo, in multi-user environments. (In a nutshell: to prevent access to visudo and polkit via sudo)

What have you found? What is it all about? Could you write it again, please?
Thank you in advance!
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
- To get rid of terminal password prompts:

    sudo visudo

  add this line:

    Defaults:yourusername !authenticate

  Ctrl+S, Ctrl+X.
- To get rid of GUI password prompts:

    sudo tee /etc/polkit-1/localauthority/50-local.d/99-no-gui-password-for-me.pkla <<!
    [No password prompt]
    Identity=unix-user:yourusername
    Action=*
    ResultActive=yes
    !

  Save, Logout & Login.
- Also one can change even the root pw (even without knowing the current one) if they're able to boot the machine:
https://forum.mxlinux.org/viewtopic.php ... 73#p715573
Or with just booting a live media:
https://forum.mxlinux.org/viewtopic.php ... 30#p636330
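An added example, not part of the original posts or of any MX Linux tool: a read-only audit that flags the two settings shown in the post above, a sudoers `!authenticate` default and a polkit .pkla rule that allows every action without a prompt. It goes slightly further by also flagging the sudoers `NOPASSWD` tag, which likewise skips the password; the sample file contents, user names and function names are constructed for illustration.

```python
import configparser
import re
# Constructed sample files; the user names and rules are made up.
SUDOERS = """\
Defaults env_reset
Defaults:alice !authenticate
%sudo ALL=(ALL:ALL) ALL
bob ALL=(ALL) NOPASSWD: ALL
"""
PKLA = """\
[No password prompt]
Identity=unix-user:alice
Action=*
ResultActive=yes
[Mount only]
Identity=unix-group:plugdev
Action=org.freedesktop.udisks2.filesystem-mount
ResultActive=yes
"""
RESULT_KEYS = ("ResultAny", "ResultInactive", "ResultActive")

def audit_sudoers(text):
    """Return (line number, reason) for rules that let sudo skip the password."""
    findings = []
    for num, line in enumerate(map(str.strip, text.splitlines()), 1):
        if not line or line.startswith("#"):
            continue  # blank or comment; #include files must be audited separately
        if line.startswith("Defaults") and re.search(r"(^|[\s,])!authenticate\b", line):
            findings.append((num, "Defaults !authenticate"))
        elif re.search(r"\bNOPASSWD\s*:", line):
            findings.append((num, "NOPASSWD tag"))
    return findings

def audit_pkla(text):
    """Return (section, identity) for rules allowing every action without a prompt."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # keep key case: Identity, Action, ResultActive
    cp.read_string(text)
    findings = []
    for section in cp.sections():
        rule = cp[section]
        actions = [a.strip() for a in rule.get("Action", "").split(";")]
        granted = any(rule.get(k, "").strip() == "yes" for k in RESULT_KEYS)
        if "*" in actions and granted:
            findings.append((section, rule.get("Identity", "")))
    return findings

if __name__ == "__main__":
    print(audit_sudoers(SUDOERS), audit_pkla(PKLA))
```

On a real system the inputs would be the contents of /etc/sudoers, the files under /etc/sudoers.d, and the .pkla files under /etc/polkit-1/localauthority, read as root.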
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
Shortly: In case of doubt:
the most important one is to prevent physical access,
then to not give sudo rights to everyone,
and if there's a possibility of physical access: also use encryption (either for root, home and data partitions) (and assign a BIOS pw. that you won't ever forget (without keeping usb/cd/dvd etc. on top of boot sequence))