[sudo-users] Root sudo privileges
david.ledger at ivdcs.co.uk
Tue Feb 23 01:52:39 MST 2016
On 23 Feb 2016, at 03:04, john william wrote:
> I am trying to find info on why root is include by default in /etc/sudoers? Why does root need ALL privileges when the root account itself has unrestricted privileges.
> For the root_sudo option description: If set, root is allowed to run sudo too. Disabling this prevents users from “chaining” sudo commands to get a root shell by doing something like “sudo sudo /bin/sh”. Note, however, that turning off root_sudo will also prevent root from running sudoedit. Disabling root_sudo provides no real additional security; it exists purely for historical reasons. This flag is on by default.
> How does preventing users from “chaining” sudo commands not provide additional security when it potentially prevents users from getting a root shell or executing other commands?
> The root account can use su -l <user> - c <command> vs using sudo.
> Thanks in advance
sudo is not only used for becoming root. Say you have a script that operates on a database, and those operations _have_ to be done as the database owner, and the script includes 'sudo databaseuser'. Having root not able to change uid to the database owner with sudo would mean that root would be one user that couldn't operate on the database without an "opps - silly me. I must remember to add that rule to sudoers".
The same applies to scripts that have to be run as root where you remember you need root but forget that the script uses sudo so you mustn't run the script with sudo. Anything like this that breaks you chain of thought is a bad thing.
More information about the sudo-users