Page 1 of 1
How user(s) rights and root rights are guarded and protected and kept unmodified?
Posted: Sat Mar 04, 2023 3:58 am
by IAMNewbie
How user(s) rights and root rights are guarded and protected and kept unmodified?
Supposing an user want to do ls /etc or ls /root it will get "Permission denied. (error 13)".
How is this watched?
I suppose that there is a service constantly monitoring what any user is doing, right?
If so, wouldn't be easy for a malicious user to kill that service or make it to crash in order to get root privileges?
Is there any way to bypass root privileges or to add "custom" privileges to any given user without being root?
Thank you in advance!
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
Posted: Sat Mar 04, 2023 6:59 am
by Huckleberry Finn
IAMNewbie wrote: Sat Mar 04, 2023 3:58 amIs there any way to bypass root privileges or to add "custom" privileges to any given user without being root?..
Yes.
(I'd even posted that in a dedicated thread. However I see that it's been deleted). Therefore it may be better to simply keep additional users out of group
sudo , in multi-user environments. (In a nutshell: to prevent access to
visudo and
polkit via
sudo )
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
Posted: Sat Mar 04, 2023 7:10 am
by dolphin_oracle
There is not a service watching all the time at least not in the way you think. Permissions are baked into the file systems and the kernel following those permissions. Not all file systems feature permissions though.
The sudo service does run but it manages elevating user privileges to root/admin level. It does not monitor file system permissions.
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
Posted: Sat Mar 04, 2023 7:29 am
by IAMNewbie
Huckleberry Finn wrote: Sat Mar 04, 2023 6:59 am
IAMNewbie wrote: Sat Mar 04, 2023 3:58 amIs there any way to bypass root privileges or to add "custom" privileges to any given user without being root?..
Yes.
(I'd even posted that in a dedicated thread. However I see that it's been deleted). Therefore it may be better to simply keep additional users out of group
sudo , in multi-user environments. (In a nutshell: to prevent access to
visudo and
polkit via
sudo )
What have you found? What is all about? Could you write it again, please?
Thank you in advance!
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
Posted: Sat Mar 04, 2023 7:40 am
by Huckleberry Finn
- To get rid of terminal password prompts:
add this line :
Code: Select all
Defaults:yourusername !authenticate
- To get rid of GUI password prompts:
Code: Select all
sudo tee /etc/polkit-1/localauthority/50-local.d/99-no-gui-password-for-me.pkla <<!
[No password prompt]
Identity=unix-user:yourusername
Action=*
ResultActive=yes
!
(Don't forget to change the
yourusername parts)
Re: How user(s) rights and root rights are guarded and protected and kept unmodified?
Posted: Sat Mar 04, 2023 8:26 am
by Huckleberry Finn
Shortly: In case of doubt:
the most important one is to prevent physical access,
then to not give sudo rights to everyone,
and if there's possibility of physical access: use also encryption (either for root, home and data partitions) (and assign a Bios pw. that you won't ever forget (without keeping usb/cd/dvd etc. on top of boot sequence))