Question

I am trying to understand how sudo works in Linux userland and the Linux kernel. I'm not so much interested in it from a user's perspective but I am more interested in understanding it from an implementation/kernel perspective. (I've debated on putting this on stackexchange vs superuser but I thought here would be the best. Feel free to move it if I made the wrong choice...)

So when the kernel is done booting it launches the init process which of course has the uid of 0. This then may launch other processes such as an ssh daemon. This new process inherits the uid of its parent, e.g. 0. sshd now also launches child processes, one for each connection. Authentication of the user attempting to log in is then done, whether that be via the passwd file, shadow file, pam, etc. Once sshd has authenticated a user through whichever method it uses, it does a call to setuid/seteuid to change the process's uid. Now my understanding is a program can only go from root to another user and not from user x to root or user x to user y (is that correct?) (with the setuid call?)

Therefore in this regard the kernel really only knows about a uid which is assigned to files, processes, etc. The authentication into a user account is controlled in userland and secured by only allowing a root program to drop into a non-root program.

So my question is, if the above is correct, how does sudo work? How does my terminal, which is currently running my non-root account, temporarily switch to root permissions? Does it interact with a sudo process? If the above is wrong, even a little, I would love to know where I am wrong.


Solution

If you take a look at the sudo binary you will see it has the setuid permission bit set on the executable. This indicates to the kernel that it should always be executed with the uid of the owner of the executable file, in the case of sudo that is root. Once sudo is running as root it can do the necessary authentication and a setuid-syscall before the fork/exec.

---s--x--x. 2 root root 219272 Jul 17  2012 /usr/bin/sudo

If you note the 's' and the owner you will see what I mean.

Licensed under: CC-BY-SA with attribution