Linux sudo & Privilege
Status: Scaffold — content in progress
sudo allows non-root users to execute commands with elevated privileges based on the /etc/sudoers policy.
Sudoers Policy
```
username ALL=(ALL) ALL            # full sudo
%admins ALL=(ALL) NOPASSWD:ALL    # group, no password
user ALL=(ALL) /bin/systemctl     # restrict to specific command
```
Common Misconfigurations
| Misconfiguration | Escalation |
|---|---|
| NOPASSWD with ALL | sudo as root without password |
| ALL=(ALL) with wildcard command | Inject arguments to escape restricted command |
| Sudo with environment variables (env_keep) | LD_PRELOAD → arbitrary code as root |
| Sudo to read files | sudo less /etc/shadow → shell escape |
| Writable script called by sudo | Replace script content |
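
A defender can check a policy for the rows in this table before it ships. The following audit sketch is an added example, not code from this page's project; the sample policy, the `audit_sudoers` name and the `SHELL_ESCAPE` and `RISKY_ENV` lists are assumptions made for illustration. It does not resolve aliases or `#include` files, and it approximates "writable" as not root-owned or group/world-writable.

```python
import os
import re

# Constructed sample policy (not from a real host); entries mirror the table rows.
SAMPLE = '''\
Defaults env_keep += "LD_PRELOAD"
%admins ALL=(ALL) NOPASSWD:ALL
deploy ALL=(ALL) /usr/bin/rsync *
audit ALL=(ALL) /usr/bin/less /var/log/syslog
ops ALL=(ALL) /usr/bin/systemctl restart nginx
'''

# Assumed, non-exhaustive lists; extend them for your environment.
SHELL_ESCAPE = {"less", "more", "vi", "vim", "man", "find", "awk"}
RISKY_ENV = ("LD_PRELOAD", "LD_LIBRARY_PATH", "PYTHONPATH")
# who  host = (runas)  tags-and-commands
SPEC = re.compile(r"^(\S+)\s+(\S+?)\s*=\s*(\([^)]*\))?\s*(.+)$")

def audit_sudoers(text, check_files=False):
    """Return (line_number, finding) tuples for the misconfigurations above."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("Defaults"):
            # Variables kept across the privilege boundary (ignore removals).
            if "env_keep" in line and "-=" not in line:
                findings += [(n, "env_keep:" + v) for v in RISKY_ENV if v in line]
            continue
        m = SPEC.match(line)
        if not m:
            continue
        rest = m.group(4)
        nopasswd = "NOPASSWD:" in rest
        # Drop tags such as NOPASSWD: and split the command list.
        for cmd in re.sub(r"\b[A-Z_]+:\s*", "", rest).split(","):
            cmd = cmd.strip()
            if cmd in ("", "ALL"):
                if cmd == "ALL" and nopasswd:
                    findings.append((n, "nopasswd-all"))
                continue
            path = cmd.split()[0]
            if "*" in cmd:
                findings.append((n, "wildcard-args"))
            if os.path.basename(path) in SHELL_ESCAPE:
                findings.append((n, "shell-escape"))
            if check_files and os.path.isfile(path):
                st = os.stat(path)
                if st.st_uid != 0 or st.st_mode & 0o022:
                    findings.append((n, "writable-target"))
    return findings
```

Run it with `check_files=True` on the host that owns the policy so the target paths are the real ones; the last sample line is simply not flagged by these checks.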
Telemetry
- /var/log/auth.log or /var/log/secure: sudo usage
- PAM logs: sudo authentication
- auditd: syscall-level privilege use
Cross-Links
| Topic | Link |
|---|---|
| Linux PAM | linux-pam |