Tags: Sudo Root
Setting up a Graphical Sudo Prompt on X.org
If you've installed a Linux distro that requires a little set-up (or you've
just tinkered around with your system a little) you'll have noticed that
there's a file called
/etc/sudoers. And there's probably only a few things
that you're looking at in this file: who can sudo and when.
sudo means "substitute-user do". As such it's pronounced as "suu-dew",
not "suu-dough." It allows one user to execute a command as another user; by
default (i.e. if one simply types
sudo <command>) the command will be
executed by root.
The principle of multi-user systems is this: every abstract
user on the
computer system ought to be treated as if it were owned and used by only one
human user on that computer. That is to say: when I am logged in as
(i.e. the super-user who can execute any command) the computer should treat
root, not as
yumi. Consequently I should act as
root would and
yumi would. Since computers are very good at following rules, as
long as I pass the criteria to masquerade as a different user this
abstraction is respected.
Instead of using
sudo, one may also use
su. These achieve the same
effect of masquerading as a another user; the only differences are that
sudo will execute only the passed commands and will prompt for your
password (given that you're allowed to run
simply log you in as the other user but will prompt you to enter that user's
You may have noticed that there is a line in the
/etc/sudoers file which
is as follows:
## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL
So if I am in the
wheel group, I may execute any command as any user
given that I know my own password. That makes me a little un-easy to
start with (What if someone knows my password? Now they can do anything!)
but if you are the power-user for the machine then this is a little safer
than logging in as root; thus I have found it useful for day-to-day
management and more convenient that logging in as
root with that lengthy
password all the time.
However attention must be brought to the next line of the
file as well:
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
Well, there is a group of such people who think this is no problem at all. Let me remind you that this actually is a problem: any scripts you execute at all have the potential to ERASE THE ENTIRE SYSTEM NO QUESTIONS ASKED WITHOUT EVEN KNOWING YOUR PASSWORD!!!
Consider: you. You download a script from Github that prints colors onto your terminal using ANSI escape codes. Further consider that this program is over 1000 lines long (it prints very pretty colors) and consequently you have no time to proofread every single line and verify that it genuinely does what you think it should.
If that program was written by a malicious user who intends to execute
sudo su (no matter how deep within the source tree such a command is
buried) and if you use
sudo without a password then you've been completely
fucking pwnt; the script which was previously executing as you is now
root and now can accordingly wipe the root partition, steal
passwords, install backdoors and generally raise hell. A clever malicious
user would not go straight for wiping the root partition for lulz but rather
would exploit your kindness / generosity in being so simple-minded and
install a key-logger to silently monitor your system until s/he found you so
boring that it'd be preferable to blow up your hard-drive rather than
steal your credit-card number.
But seriously, this is a breach of security to allow root access without a password.
Active Measures you can take Today to Secure your Friend
Use the first line recommended above: force users (even if they are in
wheel) to enter a password to
sudo; even further (and especially if you
are using a personal computer) I charge you to force logins everytime i.e.
remove the timeout by adding / editing the following line
That way you'll need to enter your password every command. If you need to do
a lot of systems administration work then I recommend logging in as
That's what the super-user account is for anyway, right?
If you'd like to execute a command which requires root persimmons via
key-bindings (in this example using a window-manager for X.Org) then you
will need a graphical prompt which allows you to enter your root password.
Fortunately such a program already exists and is called
*-askpass utilities are very simple; running the command will spawn the
prompt (not requiring that it be graphical at all; historically these
commands have mostly spawned in their own window) and will echo your input
stdout after you confirm your entry. They interface with applicable
ssh via special configurable variables.
ssh uses the special environment variable
SUDO_ASKPASS. These variables only need to be a part of the environment
which executes the
sudo commands for the graphical prompt to be displayed;
if a display cannot be found,
ssh will default to the typical
text-based input. The *-askpass utilities are widely available in the
repositories of many un/popular flavors of Linux; these types of programs are
so simple that even compiling one from source is hardly a hassle.
Once you've installed a *-askpass program (I recommend
x11-ssh-askpass) then I recommend also putting the following in your
if [[ ! -z $DISPLAY ]]; then
alias sudo='sudo -A'
.bashrc is executed by both login and non-login
terminals this will tell terminals which are part of an active X.org
ssh commands run in terminals on X.org will spawn the
password utility. If your window-manager is to execute
on your behalf then also put the above in your
~/.xinitrc without the
Graphical prompts (esp. full-screen ones) prevent me from careleslly typing
my password into a public chat room if my window becomes unfocused;
additionally one may command the window-manager to execute
Correctly setting up
sudo and optionally its
x11-ssh-askpass graphical prompt is
an important step forward to securing your personal computer / home-server;
I hope that you're able to take the knowledge exposed here and apply it to
your personal setup
- Last Modified
- First Written