Re: [LUG] root vs sudo vs su (was Server got hacked)

> On 20 Dec 2013, at 16:58, "Tremayne, Steve" <steven.tremayne@xxxxxxxxxxxxx> wrote:
> 
> I am aware that I don't understand "root" access completely, so if someone can 
> give a succinct overview (or point me to the webpage I couldn't find after 
> searching on t'interweb), then I would appreciate the chance to not fall into a 
> security problem in the future ...

Root is the user with UID 0.

Typically (some counterexamples exist) it is the UID, not the username, that matters. 
The UID is found in the /etc/passwd file. Indeed the passwd file can be seen as a 
mapping from user-friendly username to machine-friendly UID, along with some extra 
info like the shell.

Special privileges are conveyed to the processes (tasks, properly) with UID 0, which 
they typically inherit from root's login shell.

These privileges include:
 Changing a user's password without knowing the old one
 Changing ownership or permissions on any file
 Using ports below 1024
 Sending signals to any process, e.g. kill
 ... and lots more.

If you find another user with UID 0 in your password file, a favourite hacker trick, 
it will typically have the same privileges as root.

The story of permissions is more involved, because these days we have selinux and 
capabilities etc. What I'm describing is a simplified view of reality.

So processes have a UID and an effective UID, forget about that one for now.

> Ok, so "root" is a user. Ok, understood. (Not quite sure where the "wheel" group 
> comes in to this, but that's possibly a different topic)

Wheel is the group of users who can use sudo where it exists. It has history.

Also some systems have a group "staff" who can stick stuff in /usr/local; you had better 
trust members of both groups.

> And "sudo" and "su" are commands to run a command as a different user..., i.e. 
> root?? But *buntu's don't have a "root" user, so I'm getting hazy now...

Ubuntu simply doesn't have an account you can use by default. Processes with a UID 
of 0 are still privileged.

> So, if your friendly hacker has found any user/password combo to gain access, 
> surely they then just type "sudo <bad commands>" and they have exactly the same 
> access level to the box? 

Systems didn't enable sudo by default in the past. root had to add users and 
commands to make it happen.

Some versions of Ubuntu have a weird model here.

> I believe that the reason for sudo was to allow a user access to specific commands 
> at a privileged level (i.e. sudo apt-get update) but not others (sudo install 
> rootkit)... 

Precisely.

> So where does "su" come in to this?

su just lets one user become another user. It is like the login command (you have 
typed login at a shell prompt, right?) but with some special cases such as run this 
one command, or don't prompt for a password if run by root, etc.

The other interesting option on "su" is "-"
su - simon
Versus
su simon


> And (for a bonus point), why do some distros use one over the other? :o)

Religious wars are waged here. All distros have both packaged as far as I know.

Some people think it is bad form to use a shell as root, and insist on sudo. As 
someone who spends a lot of time logged in as root I think this is madness.

On the other hand su and sudo both log who became root when.

Some enterprises mandate that all root or all shell access is logged. "script" is your 
friend here.

I prefer "su" because it is less convenient :)

As regards making home systems more secure, the reason some Linux systems blur the 
user/root distinction is that if all your data is in /home/simon and, say, user 
"simon" has his account compromised, that the hackers didn't get root is largely 
irrelevant since they have access to all the data. On multiuser systems (my son 
Isaac shares one of my PCs) the distinction matters again, in that permissions 
protect my files slightly in the event he does something silly (and vice versa). 

Few Linux systems are robust against "privilege escalation", e.g. where a 
compromised user account will usually allow a skilled attacker to get root. Most 
home users shouldn't care too much about that.

Some hackers want root because root can put network cards into promiscuous mode 
(allowing eavesdropping) but this is less of an issue on small home networks 
(especially those with only one computer).

Number 1 tip for making a home system more secure - back it up

Number 2 tip - keep software up to date

Beyond that, until or unless you are doing things that expose one to additional 
threats, the main thing is not to do anything stupid. Try to stick to software from 
OS repositories, and avoid too many browser plug-ins.
-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
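An added example, not part of the post or the list: the reply notes that it is UID 0, not the name "root", that carries the privileges, and that a second UID-0 entry in the passwd file is something to look for. The script below parses passwd-format text (a constructed sample, not a real system's file) and reports any UID-0 account other than root; it also prints the real and effective UID of the running process, the two values the reply mentions.

```python
import os
from typing import Dict, List

# Constructed sample of an /etc/passwd file (not from a real system).
# The "backup" entry is the case the post warns about: a second account
# with UID 0, which is as privileged as root whatever it is called.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
simon:x:1000:1000:Simon:/home/simon:/bin/bash
isaac:x:1001:1001:Isaac:/home/isaac:/bin/bash
backup:x:0:0:backup:/var/backups:/bin/sh
"""


def parse_passwd(text: str) -> List[Dict[str, object]]:
    """Parse passwd-format text into one dict per account.

    Each line is name:password:UID:GID:GECOS:home:shell. The password
    field is normally just 'x' because the hash lives in /etc/shadow.
    """
    accounts = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, _pw, uid, gid, gecos, home, shell = fields
        accounts.append({"name": name, "uid": int(uid), "gid": int(gid),
                         "gecos": gecos, "home": home, "shell": shell})
    return accounts


def uid_zero_accounts(text: str) -> List[str]:
    """Every account name that maps to UID 0, i.e. every account that *is* root."""
    return [a["name"] for a in parse_passwd(text) if a["uid"] == 0]


def unexpected_root_accounts(text: str, expected=("root",)) -> List[str]:
    """UID-0 accounts other than those the administrator expects to exist."""
    return [n for n in uid_zero_accounts(text) if n not in expected]


def check_file(path: str = "/etc/passwd") -> List[str]:
    """Run the check against a passwd file on disk (default: the real one)."""
    with open(path, encoding="utf-8") as f:
        return unexpected_root_accounts(f.read())


if __name__ == "__main__":
    print("extra UID-0 accounts in sample:", unexpected_root_accounts(SAMPLE_PASSWD))
    # A process carries both a real UID and an effective UID; they differ after
    # a setuid program such as su or sudo has changed one of them.
    print("this process: uid", os.getuid(), "euid", os.geteuid())
```

Run `check_file()` on a live system to apply the same check to its own /etc/passwd.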