#1 2022-01-17 18:13:19

Ridwan Rawriet
Member
Registered: 2021-09-28
Posts: 33

[SOLVED] What about using su instead of sudo or doas?

A few months ago, when some vulnerability named "heap buffer exploit" was detected in sudo, everybody was recommending switching to doas, saying sudo has too many features that desktop users never use. People who use it to run a few superuser commands every now and then should use doas instead. It has fewer lines of code, hence fewer bugs and vulnerabilities.
This made me wonder, why even bother with these programs when we have su? The next thing to come to my mind was the possibility of some security risk emerging because of frequently switching to root, typing the root pass. But searching the web, I've failed to find any evidence supporting this.

In all the articles and videos I encountered, people recommending sudo or similar over su were pointing out the following reasons:

1) Users may forget they're root and cause disaster by mistake. (In a single user system, being a little careful to exit or creating alias sudo="su -c" can mitigate this.)

2) Files created as root won't be accessible to regular users. (A bit inconvenient but running chown afterwards will fix everything.)

3) Using su instead of sudo means frequent use of sensitive info, the root pass. (A malicious program can do everything with a sudoer's pass that it can do with the root pass.)

So, is there any real security risk that comes with using su instead of sudo or doas?
Again, I don't care about all the super-convenient extra stuff that sudo or doas can do. I just need something that lets me run superuser commands occasionally.

Last edited by Ridwan Rawriet (2022-01-28 11:57:46)


#2 2022-01-17 18:45:15

ayekat
Member
Registered: 2011-01-17
Posts: 1,522
Website

Re: [SOLVED] What about using su instead of sudo or doas?

If you personally don't have any use case for sudo other than "run this as root", then sure, why not. Nobody forces you to install and use sudo on your personal workstation. :)

some vulnerability

Security is hard, and it's easy to get things wrong (with sometimes devastating consequences), so yes, sometimes these things happen. But that is IMHO not a reason to argue for abandoning security measures altogether.

Sudo can do a lot more than just "run this as root". You can control who may run which commands under which user, with and/or without password. Plain `su` won't allow any of that unless you write some wrapper, but then… you'd be reimplementing sudo.

And IMHO the argument against handing out root PWs to everyone is still valid. With su, if you want to revoke root access for some user, you'd need to change the root PW. With sudo, you just revoke the access via sudo config (or group membership or whatever). Sure, it doesn't help much against a malicious breach, but it helps in most other cases (which are in my experience also a lot more common).


{,META,RE}PKGBUILDSpacman-hacks (includes makemetapkg and remakepkg) │ dotfiles


#3 2022-01-17 19:15:01

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 27,067
Website

Re: [SOLVED] What about using su instead of sudo or doas?

Ridwan Rawriet wrote:

1) Users may forget they're root and cause disaster by mistake.

Was this presented as an argument for sudo/doas over su?  I don't see how.  Any issue with this would apply just as much to any one of the three.  An argument about which is "better" sudo or su would have to highlight differences between them, not focus on concerns which are shared equally between them.

Ridwan Rawriet wrote:

2) Files created as root won't be accessible to regular users

Same as above: this applies just as much to sudo and doas as it does to su use.

Ridwan Rawriet wrote:

Using su instead of sudo means frequent use of sensitive info, the root pass. (A malicious program can do everything with a sudoer's pass that it can do with the root pass.)

The parenthetical note here is (or can be) wrong.  If you use su, anyone who is able to su anything can su everything.  With sudo, user accounts can be granted sudo rights to execute only specific programs.  This isn't always used and must be specifically configured, but this is a use case for sudo that cannot be replicated with su.

For a while I just used su and had no sudo or doas.  I'm currently using doas, but I don't recall what - if anything - really drove me to use doas instead of just plain su.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman


#4 2022-01-17 19:39:31

Ridwan Rawriet
Member
Registered: 2021-09-28
Posts: 33

Re: [SOLVED] What about using su instead of sudo or doas?

Thank both of you for explaining it in such detail!
From this I can understand, in multi-user systems it's definitely better to use sudo. But where I'm the only user, shouldn't cause any issues.
Thanks again!!


#5 2022-01-17 20:01:44

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 18,648

Re: [SOLVED] What about using su instead of sudo or doas?

Trilby wrote:

[  If you use su, anyone

Of course, one needs to guard against constructs such as sudo bash or sudo su


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way


#6 2022-01-17 21:42:28

seth
Member
Registered: 2012-09-03
Posts: 30,961

Re: [SOLVED] What about using su instead of sudo or doas?

ewaller wrote:

Of course, one needs to guard against constructs such as sudo bash or sudo su

The usual punishment is to be hanged upside down ;-)

`sudo --help | grep login`

Ridwan Rawriet wrote:

But where I'm the only user, shouldn't cause any issues.

sudo also offers some convenience as you can whitelist commands w/o any PW requirements if you eg. deem "sudo pacman -Syu" harmless enough.
Worse than forgetting that you're in a root shell (easily enough mitigated by turning the shell colors white on red for the root shell rc…) is to forget an open root shell and leaving the system unmonitored…
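
The posts above contrast per-command sudo rules with rules that hand out a full root shell (`sudo bash`, `sudo su`). As an added example that is not part of the thread, this sketch flags simple sudoers rules of the second kind; the user names and sample rules are constructed, and only plain one-line rules are handled.

```sh
#!/bin/sh
# Added example: flag sudoers rules that amount to a full root shell.
# Handles only simple one-line user rules "who host=(runas) [TAG:] cmd, cmd";
# aliases, includes and line continuations are out of scope.

audit_sudoers() {
    awk '
    /^[ \t]*(#|$)/ { next }                          # comments, blank lines
    /^[ \t]*(Defaults|[A-Za-z]+_Alias)/ { next }     # settings and aliases
    {
        who = $1
        spec = $0
        sub(/^[^=]*=[ \t]*/, "", spec)               # drop "who host="
        sub(/^\([^)]*\)[ \t]*/, "", spec)            # drop "(runas)"
        nopw = (spec ~ /NOPASSWD:/) ? " NOPASSWD" : ""
        gsub(/[A-Z]+:[ \t]*/, "", spec)              # drop tags
        n = split(spec, cmds, /[ \t]*,[ \t]*/)
        for (i = 1; i <= n; i++) {
            split(cmds[i], w, /[ \t]+/)
            base = w[1]
            sub(/.*\//, "", base)                    # basename of the command
            if (w[1] == "ALL")
                print who ": unrestricted (ALL)" nopw
            else if (base ~ /^(sh|bash|zsh|dash|su)$/)
                print who ": root shell via " w[1] nopw
        }
    }'
}

# Constructed sample rules (user names are made up).
sample_rules() {
    cat <<'EOF'
%wheel ALL=(ALL:ALL) ALL
alice ALL=(root) NOPASSWD: /usr/bin/pacman -Syu
bob ALL=(root) /usr/bin/pacman -Syu, /usr/bin/bash
carol ALL=(root) NOPASSWD: /usr/bin/su
EOF
}

sample_rules | audit_sudoers
```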


#7 2022-01-17 22:04:40

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 27,067
Website

Re: [SOLVED] What about using su instead of sudo or doas?

As an experiment I just converted the couple of scripts I use that include 'doas' over to using 'su -c ...' and removed doas to see just what if anything I needed from it.

The first thing I ran into is not so important for scripts, but is relevant for interactive use: with su -c the whole command appears to need to be quoted in a single argument to the -c flag.  With both sudo or doas, if you typed out a command then realized it needed to run as root, you could simply prepend a single word to it.  With su, you need to prepend a word, a flag, a quote, and append a quote.  A shell function or wrapper script could make this more convenient - but then it'd be important to ensure the wrapper script (or shellrc file for a function) was only root writable.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman
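
The wrapper idea from the post above, as an added example that is not part of the thread: `su -c` hands one string to a shell that parses it again, so each argument is quoted before joining. The names `asroot`, `build_cmd`, `shquote` and `root_only_writable` are hypothetical.

```sh
#!/bin/sh
# Added example; all function names here are hypothetical.

# Quote one word so the shell started by `su -c` reads it back literally:
# wrap it in single quotes and turn each embedded ' into '\''.
shquote() {
    s=$1
    out=
    while :; do
        case $s in
            *\'*)
                head=${s%%\'*}          # text before the first '
                out="$out$head'\\''"
                s=${s#*\'}              # text after the first '
                ;;
            *) break ;;
        esac
    done
    printf "'%s'" "$out$s"
}

# Join all arguments into the single string that `su -c` expects.
build_cmd() {
    line=
    for a in "$@"; do
        line="$line${line:+ }$(shquote "$a")"
    done
    printf '%s' "$line"
}

# The caveat from the post: the file defining the wrapper must be writable
# by root only. Succeeds if $1 is a regular file owned by uid 0 and is not
# group- or world-writable. Parent directories are not checked here.
root_only_writable() {
    [ -f "$1" ] || return 1
    [ -n "$(find "$1" -prune -user 0 ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

# Usage: asroot pacman -Syu
asroot() {
    su -c "$(build_cmd "$@")"
}
```

A naive `su -c "$*"` would let spaces, quotes or `;` inside an argument change what the root shell executes; quoting each word keeps the argument boundaries that sudo and doas preserve by design.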
