Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

To Sudo or Not to Sudo? That is the question

John Worrall, Chief Marketing Officer, CyberArk | Aug. 13, 2015
Pros and cons of taking the sudo route to controlling user privileges in file access.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

It is no secret that privileged accounts represent a significant vulnerability, given their pervasiveness and powerful access to the most critical assets. One challenge with managing privileged accounts is that many IT professionals require privileged access to perform their jobs, but they do not need privileged access to the entire network or to all commands or programs that could be executed. When excessive privileged access is granted, IT professionals could accidentally or intentionally damage critical systems and gain access to confidential data.

Therefore, the principle of least privilege has been introduced as a way to mitigate the risks associated with privileged account usage. The principle states that entities should only have access to the resources and information that are necessary for their job function.

One approach to enforce least privilege is an open source solution called sudo (superuser do). This allows Unix users to access and authenticate to a system with a personal account and escalate privileges to superuser or root to run privileged commands.

There are two very compelling reasons to "sudo."

First, it is a free solution. Organisations frequently use sudo to enforce least privilege policies because it is a free solution. Fighting for IT budget is a common challenge. When budget has already been allocated to other projects and solutions, sudo offers a way for organisations to install a solution with no upfront costs.

Secondly, it also adds some security to root. Sudo adds a level of security to the IT infrastructure by limiting root access on Unix machines. With sudo, users are required to login to Unix machines with their personal account and escalate to root via the sudo command when needed. This allows organisations to store and manage the root credentials in the local sudoers, adds protection to root and enforces individual accountability for each user is actions while using root.

The initial cost of sudo is free, but as with everything in life, you get what you pay for. It is important to keep in mind that with an open source solution, deployment, customisation and support of the solution are not free, resulting in a higher than expected total cost of ownership.

In theory, sudo is designed to improve the security around root access. In reality, there are some drawbacks to sudo that make its security capabilities questionable.

Firstly, sudo is inherently a local solution, therefore sudo polices are created, managed, and stored locally on each target machine. Users can easily escalate to root to access to the sudoer file and change policies to grant additional permissions, delete logs to cover their tracks, etc. As a result, there is no integrity to the data that sudo is collecting.


1  2  Next Page 

Sign up for CIO Asia eNewsletters.