Operator On The Wire
← Back to Knowledge Base
OOTW / Chapter I - Foundation / 01. Operating Systems / Linux / 04. Privileges

Privileges

Every action performed on a Linux system occurs within a security context.

Some actions require little trust:

  • Reading public files
  • Viewing system information
  • Executing personal scripts

Other actions require significant trust:

  • Installing software
  • Creating users
  • Modifying services
  • Reading sensitive files
  • Changing system configuration

Linux controls this through privileges.

Privileges determine what an identity is permitted to do.


What Is a Privilege?

A privilege is the authority to perform a specific action.

Examples:

ActionPrivilege Required
Read own filesUsually no elevation
Read another user's filesDepends on permissions
Install packagesUsually elevated
Modify other users' servicesUsually elevated
Create usersElevated
Reboot systemElevated

Privileges determine what actions are possible.

Permissions determine which resources are accessible.

The two concepts are closely related but not identical.


The Principle of Least Privilege

Linux follows a simple security principle:

Give only the access required to perform a task.

Examples:

AccountIntended Access
aliceDaily work
www-dataWeb server
mysqlDatabase service
rootAdministrative control

This reduces risk when accounts are compromised.

If a web server runs as root and becomes compromised, the attacker inherits root privileges.

If it runs as a restricted account, the damage is limited.


Root

The highest-privileged account on Linux is:

root

Root possesses:

  • UID 0
  • Administrative control
  • Ability to manage users
  • Ability to manage services
  • Ability to modify system configuration
  • Ability to access most files
  • Ability to install software

Root is often referred to as the superuser.

Root is not a permission. Root is a user account.

The privileges associated with root primarily exist because root possesses UID 0.

Linux ultimately trusts UIDs rather than usernames.


Why Root Exists

Many administrative actions require unrestricted access.

Examples:

  • Installing software
  • Managing services
  • Creating users
  • Modifying networking
  • Updating the operating system

Rather than granting every user full control, Linux centralizes administrative power within root.


Becoming Root

Administrative tasks are often performed by temporarily obtaining root privileges.

Examples:

sudo bash
sudo su
sudo systemctl restart nginx

The exact mechanism depends on system configuration.


Sudo

Most administrators do not log in directly as root.

Instead, Linux commonly uses:

sudo

which stands for:

Superuser Do

Sudo allows approved users to execute commands as another user, commonly root.

Example:

sudo apt update

The command executes with elevated privileges while the user remains logged in as themselves.

However, sudo can also be used to impersonate other users as well.

Example:

sudo -u postgres bash
sudo -u www-data bash

Why Sudo Is Preferred

Direct root usage creates problems:

  • Reduced accountability
  • Shared administrative access
  • Difficulty auditing activity

Sudo provides:

  • Auditing
  • Controlled privilege assignment
  • Reduced root usage
  • Better accountability

Many enterprise environments prefer sudo over direct root access.


Sudo Configuration

Sudo behavior is typically controlled through:

/etc/sudoers

and

/etc/sudoers.d/

These files determine:

  • Who may use sudo
  • Which commands may be executed
  • Which users may be impersonated

SUID

Linux provides a special permission known as:

SUID

(Set User ID)

When applied to an executable, the program executes using the owner's privileges rather than the caller's privileges.

Example:

-rwsr-xr-x

Notice:

s

replacing:

x

in the owner's execute position.


Why SUID Exists

Some programs require elevated access to perform specific tasks.

A common example is:

passwd

A normal user may change their password.

However, password information is stored in protected files.

SUID allows the program to perform the necessary privileged operations without granting the user full root access.


Security Implications of SUID

Misconfigured SUID programs can create privilege escalation opportunities.

Questions Operators commonly ask:

  • Which SUID binaries exist?
  • Are they expected?
  • Are they vulnerable?
  • Can they be abused?

Many Linux privilege escalation techniques involve SUID binaries.


Capabilities

Historically, Linux privileges were largely binary:

StateMeaning
RootFull privileges
Non-rootRestricted privileges

Capabilities provide a more granular approach.

Instead of granting all privileges, specific privileges may be assigned.

Examples:

CapabilityPurpose
CAP_NET_BIND_SERVICEBind to privileged ports
CAP_NET_ADMINNetwork administration
CAP_SYS_ADMINBroad administrative capabilities

Capabilities help reduce the need for full root access.


Why Capabilities Matter

Without capabilities:

Need privileged operation
→ Run as root

With capabilities:

Need privileged operation
→ Grant only the required capability

This improves security by reducing excessive privilege.


Privilege Escalation

Privilege escalation occurs when a user gains privileges beyond those originally granted.

Examples:

Starting ContextEscalated Context
aliceroot
www-dataroot
mysqlroot

Privilege escalation may result from:

  • Misconfigurations
  • Vulnerable software
  • Weak permissions
  • Dangerous SUID binaries
  • Excessive sudo rights

Operator Perspective

When approaching an unfamiliar Linux system, Operators commonly ask:

Root

  • Is root accessible?
  • Is direct root login allowed?

Sudo

  • Who can use sudo?
  • What commands are permitted?
  • Is sudo usable without a password?

SUID

  • Which SUID binaries exist?
  • Are any unusual or custom?

Capabilities

  • What capabilities are assigned?
  • Are they excessive?

Services

  • Which users run services?
  • Do services run as root unnecessarily?

Understanding privileges often determines whether an Operator can move from initial access to full system control.


Key Takeaways

  • Privileges determine what actions may be performed.
  • Root is the highest-privileged account on Linux.
  • Root is identified by UID 0.
  • Sudo allows controlled privilege elevation.
  • Sudo configuration is typically stored in /etc/sudoers.
  • SUID allows executables to run using the owner's privileges.
  • Capabilities provide granular privilege assignment.
  • Least privilege is a core security principle.
  • Misconfigured privileges frequently lead to privilege escalation.
  • Understanding privileges is essential for both defenders and attackers.

The next lesson explores how Linux systems communicate with one another through networking.