• lemmyvore
    link
    fedilink
    English
    27 months ago

    A non privileged user doesn’t have the access necessary to run a program that can accomplish this.

    It would be a script called “sudo” somewhere in your PATH. You type sudo, you give it your password, done.

    • Kata1yst
      link
      fedilink
      37 months ago

      That’s called ‘privilege escalation’, and replacing system level calls with user level calls is closely watched for and guarded against with many different security measures including SELinux.

      You’ve already outed yourself multiple times in this thread as someone who doesn’t understand how security in the real world works. Take the L and try to learn from this. It’s okay not to understand something. But it’s very important to recognize when that happens and not claim to understand better than someone else.

      • lemmyvore
        link
        fedilink
        English
        17 months ago

        It’s not privilege escalation because it doesn’t subvert the correct authentication mechanism, it leverages it. This particular technique is called UI input capture. It’s a script that shows a password prompt then uses your password to do things as root. Nothing untowards would be detected. The main defense is to always run commands with full path – which nobody does.

        Separating the process of reaching root in two steps does nothing to improve security, it actually increases complexity and subverts security. If the system is set up to SSH as root you either have a good key or you don’t. If you force people to SSH as individual users and then use a complex mechanism to reach root you create opportunity for a hundred more attack methods, and add a false sense of security.

        Input capture btw is not the only method. Sudo has a lot of them. Another very common one is leveraging the password cache timeout.

        You’ve already outed yourself

        How about we skip the dick measuring contest and we stick to the discussion at hand.