this post was submitted on 09 May 2024
223 points (95.9% liked)

Linux

48332 readers
426 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 6 months ago (1 children)

A non privileged user doesn't have the access necessary to run a program that can accomplish this.

It would be a script called "sudo" somewhere in your PATH. You type sudo, you give it your password, done.

[–] [email protected] 3 points 6 months ago (1 children)

That's called 'privilege escalation', and replacing system level calls with user level calls is closely watched for and guarded against with many different security measures including SELinux.

You've already outed yourself multiple times in this thread as someone who doesn't understand how security in the real world works. Take the L and try to learn from this. It's okay not to understand something. But it's very important to recognize when that happens and not claim to understand better than someone else.

[–] [email protected] 1 points 6 months ago

It's not privilege escalation because it doesn't subvert the correct authentication mechanism, it leverages it. This particular technique is called UI input capture. It's a script that shows a password prompt then uses your password to do things as root. Nothing untowards would be detected. The main defense is to always run commands with full path – which nobody does.

Separating the process of reaching root in two steps does nothing to improve security, it actually increases complexity and subverts security. If the system is set up to SSH as root you either have a good key or you don't. If you force people to SSH as individual users and then use a complex mechanism to reach root you create opportunity for a hundred more attack methods, and add a false sense of security.

Input capture btw is not the only method. Sudo has a lot of them. Another very common one is leveraging the password cache timeout.

You've already outed yourself

How about we skip the dick measuring contest and we stick to the discussion at hand.