Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português
  • Home
  • Resources
  • Successfully Securing the Open Source Enterprise Privileged User Management in Linux Environments current page
Link copied

Successfully Securing the Open Source Enterprise Privileged User Management in Linux Environments

Resource default
Successfully Securing the Open Source Enterprise Privileged User Management in Linux Environments

Get Instant Access to this Content

Learn more about how to secure your business from threats in places you didn't even know existed.

UNIX BACKGROUND

To understand how the current solutions for the delegation of system administration are structured, it is important to understand the way that UNIX was originally designed and specifically the methods that were offered in this original design to manage the delegation of admin tasks. Originally, there were just two different kinds of UNIX processes: privileged processes and unprivileged processes. An unprivileged process was limited in its way of performing system functions, where privileged processes were designed to bypass all restrictions. To execute privileged processes, the root user account was used: a user account with no limitations whatsoever. From the beginning, the concept of the root account was designed to perform system administration tasts without limitation whatsoever.

SUDO

To help normal (unprivileged) users run administration tasks, several solutions were created. One of them was sudo. The purpose of sudo (short for superuser so) was simple: connect a user or a group of users to a privileged process of commands. Sudo allows normal users to run root tasks. Stated otherwise, sudo allows normal users to start a task that creates an environment in which these normal users are roo, and if for any reason there is a backdoor or bug in such a task, there is a risk that through that task, the user gets complete root access. However, before further zooming into sudo particularities, let us have a look at the supported mechanisms that are offered by the UNIX and Linux operating systems.

CAPABILITIES

Since about the year 2000, when the first 2.2 Linux kernels were released, the feature of “capabilities” was introduced in the kernel with the purpose of offering more choice than just that between privileged and unprivileged processes. A capability determines rights to specific tasks, such as changing of ownership (CAP_CHOWN), changing of permissions (CAP_CHMOD), or the capability to terminate running tasks on a server (CAP_KILL). In total, there are about 32 capabilities, and the idea of using these was to define in a more granular way what exactly a process or thread is allowed to do.

And this works fine for system processes that are started with an unprivileged user account. However, it does not work that fine for a system task that was started by the root user, because if the real user ID that was used for executing a task is zero, all capabilities are enabled. Therefore, capabilities are a partially useful attempt to limit the way administration tasks are performed, but for a modern global enterprise, they are not enough.

Capabilities are a large step forward to a more secured environment, but their effectiveness is related to the user account that runs a task. That is why in current Linux it is not that easy to use capabilities for the delegation of system administration tasks. An example of a service that does use capabilities is AppArmor of SELinux. These security mechanisms, both based on the security framework in the Linux kernel, allow administrators to set-up profiles that limit the things that programs can do in the operating system. In that profile, the application is allowed to use certain capabilities and access certain files, while at the same time it blocks access to those that are not in the application profile. Although seen as an important step forward in offering better security for Linux, these solutions do not handle the particular needs that are required for the efficient delegation of system administration tasks.

Resources
Successfully Securing the Open Source Enterprise Privileged User Management in Linux Environments
Share this Article
  • Link

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.