Privilege escalation in Linux

Privilege escalation in Linux is typically accomplished via sudo, which stands for “superuser do”. This command allows regular users to execute commands as a superuser or another user.

However, disabling the use of sudo entirely is generally not a good idea, because some tasks require administrative privileges to run. What you can do is control which users have sudo access.

To modify sudo access, you edit the sudoers file. Here’s how:

  1. Open a terminal.
  2. Type sudo visudo to edit the sudoers file. This command uses the default text editor, which is usually nano or vi. Note: visudo locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors. If the sudoers file is currently being edited you will receive a message to try again later.
  3. In the sudoers file, you’ll see a line that looks something like this:
username ALL=(ALL:ALL) ALL or

 %sudo   ALL=(ALL:ALL) ALL

The first line gives the user username permission to run sudo for any command. The second line gives any user in the sudo group the same permission.

  4. To remove sudo privileges, you can either remove the appropriate line entirely, or comment it out by adding a # at the beginning of the line:
    • #username ALL=(ALL:ALL) ALL or
    • #%sudo ALL=(ALL:ALL) ALL
  5. Once you’ve made your changes, save and exit the file. In nano, you do this by pressing Ctrl+O to save, then Ctrl+X to exit. In vi, type :wq and then press Enter.
  6. The changes will take effect immediately.

This way, you can disable privilege escalation for specific users or groups.

Warning: Be very careful while editing the sudoers file. A wrong entry can lock you out of your system or give users more privileges than intended.
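
To confirm which entries are still in effect after commenting lines out, the following added example (not part of the original article) parses a sudoers-style file and lists the uncommented user and %group entries. The function names, the temporary sample file and the users alice and bob are assumptions made for illustration; sudoers treats a leading # followed by digits as a user ID rather than a comment, so such a line is reported as active.

```shell
#!/usr/bin/env bash
# Added example: list the sudoers entries that are still in effect.
# Assumptions: no backslash line continuations; included files are not followed.

# Print "principal<TAB>rule" for every active user or %group entry in file $1.
active_sudo_grants() {
    awk '
        function emit(   rule) {
            rule = $0
            sub(/^[^ \t]+[ \t]+/, "", rule)       # strip the principal
            gsub(/[ \t]+/, " ", rule)             # normalise spacing
            printf "%s\t%s\n", $1, rule
        }
        { sub(/^[ \t]+/, "") }                    # drop leading whitespace
        /^$/ { next }                             # blank line
        /^#[0-9]+[ \t]/ { emit(); next }          # "#1000 ..." names a uid, not a comment
        /^#/ { next }                             # comment, e.g. a disabled entry
        /^@include/ { next }                      # include directives
        /^Defaults/ { next }                      # option settings
        /^(User|Runas|Host|Cmnd)_Alias[ \t]/ { next }   # alias definitions
        { emit() }
    ' "$1"
}

# Succeed if principal $2 (a user name or %group) has an active entry in file $1.
has_sudo_grant() {
    active_sudo_grants "$1" | cut -f1 | grep -Fxq -- "$2"
}

# Constructed sample in sudoers syntax (not from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
Defaults        env_reset
root    ALL=(ALL:ALL) ALL
#alice  ALL=(ALL:ALL) ALL
bob     ALL=(ALL:ALL) ALL
#%sudo  ALL=(ALL:ALL) ALL
#1001   ALL=(ALL:ALL) ALL
EOF

active_sudo_grants "$sample"    # alice and %sudo are absent; #1001 is still listed
```

On a real system, point the function at a copy of the sudoers file rather than the temporary sample.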
