This page will definitely need editing, in the future, because I'm not an expert on Unix/Linux security.
If you'd like, you can skip right down to the discussion of the sudo command.
This page discusses security in Ubuntu — which is, really, security in Linux.
For better or for worse, security is an important issue for any computer system. Because there are so many people trying to do malicious things — or people who don't know what they're doing, who might accidentally do bad things — systems need to be “secured,” so that only authorized users can perform certain actions.
As an example, take formatting a hard drive. When you format a hard drive, you remove all of the data that was on it and start with a clean slate — so you really only want to format a hard drive under very limited circumstances, such as when you're first setting up a computer. If someone were to format my hard drive — whether for malicious reasons or just because they did it by accident — I would lose a lot of valuable data. So I need to make sure that my hard drive doesn't get formatted unless I really want it to.
This is where permissions come into play. Although the terminology might be different, any computer system has the concept of permissions or privileges. If you don't have a certain privilege on a computer, you can't perform that action. This way, computer administrators can make sure that only authorized users can perform these actions, and limit other users to “safer” actions.
Returning to the example of formatting the hard drive: a user can't do this unless they have that permission. If anyone else tries to format the hard drive, the operating system will stop them.
Of course, all of this depends on users logging in under their own accounts, because the permissions are assigned to login names.
This is all well and good, but I'm sure you can think of many, many actions that you'd want to limit access to. And maintaining all of these permissions for all of your users would be time consuming and cumbersome at best, and error prone at worst.
This is why the concept of a user group was invented. With groups, security becomes a two-step process, whereby you assign the appropriate permissions to the group, and then assign users to the group. For example, you might define a group called “Administrators,” and assign all of the permissions that an administrator might need to that group. Then, when you need to make a user an “administrator,” instead of assigning all of the permissions to the user one by one, you can simply add the user to the group. (Similarly, if a user should no longer be an administrator, s/he can simply be removed from the group, instead of having to remove the permissions one by one.)
The “root” user
In the Unix world, there is an additional, special user, called the “root” user.
This is the part I have the least expertise on.
This “root” user — sometimes also called a “superuser” — is a special account that has permission to do anything. It is very common, on Unix systems, to have to “log in as root” during a certain part of a software installation, to perform steps that a normal user account would not be allowed to perform. (This might be accomplished by physically logging into the machine as root, or by using the su command, or something similar.)
In the Unix world, malicious software often uses various tricks to “gain root,” which gives it full control of the system.
Security in Ubuntu
This section discusses the Ubuntu approach to security, which is based on the Unix approach.
The sudo Command
I mentioned the su command above, which allows the user to change their credentials to those of the superuser (where “su” stands for superuser). A related command, and the command that is used on Ubuntu, is sudo (superuser do). sudo is like su, but gives more granularity as to what a user is allowed to do, rather than simply giving the user full root access.
When you use the sudo command, the first thing Ubuntu will do is ask you for your password. (This matters: if you leave your workstation unattended and someone else sits down in front of it, the password prompt stops them from running privileged commands as you.) Once you have re-authenticated yourself, Ubuntu checks the /etc/sudoers file to see whether your user account has permission to perform the task at hand.
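As an added example (not sudo's own code, and not from the original page), here is a simplified Python model of the check described above: it reads sudoers-style rules, resolves “%group” entries through a group table, and decides whether a user may run a given command as root. The rules, user names and group memberships are constructed for illustration; real sudo supports far more syntax (host lists, aliases, Defaults, NOPASSWD, wildcards), so this only illustrates the user-or-group and command matching steps.

```python
import shlex

# Constructed sample rules in the sudoers "who  where=(as_whom)  what" form.
# The first two mirror the usual "full root for admins" rule; the third
# grants alice only two specific commands.
SAMPLE_SUDOERS = """
# comment lines and blank lines are ignored
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
alice   ALL=(root) /usr/bin/apt-get, /bin/cp /etc/X11/xorg.conf /etc/X11/xorg.conf.bak
"""

# Constructed group membership, standing in for /etc/group (hypothetical users).
GROUPS = {"admin": {"bob"}}

def parse_sudoers(text):
    """Return a list of (who, runas, [command specs]) tuples."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        who, rest = line.split(None, 1)
        _host, spec = rest.split("=", 1)      # host matching is skipped here
        spec = spec.strip()
        runas = "ALL"
        if spec.startswith("("):
            runas, spec = spec[1:].split(")", 1)
        cmds = [c.strip() for c in spec.split(",")]
        rules.append((who, runas.strip(), cmds))
    return rules

def user_matches(who, user):
    """A '%name' entry refers to a group; anything else is a login name."""
    if who.startswith("%"):
        return user in GROUPS.get(who[1:], set())
    return who == user

def command_allowed(cmds, argv):
    """ALL matches anything; a bare path allows any arguments (as in real
    sudo); a path given with arguments must match the argument list exactly."""
    for cmd in cmds:
        if cmd == "ALL":
            return True
        pattern = shlex.split(cmd)
        if len(pattern) == 1 and pattern[0] == argv[0]:
            return True
        if pattern == argv:
            return True
    return False

def may_run(user, argv, target="root", sudoers=SAMPLE_SUDOERS):
    """Decide whether `user` may run `argv` as `target` under these rules."""
    for who, runas, cmds in parse_sudoers(sudoers):
        if user_matches(who, user) and runas in ("ALL", target):
            if command_allowed(cmds, argv):
                return True
    return False
```

Note how the two-step group model from earlier shows up here: bob is never named in the rules, but is allowed everything because he is in the admin group, while alice is limited to the exact backup command and apt-get.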
sudo can be used in front of any command, to perform that command using root permissions. For example, if I wanted to edit the xorg.conf file, I wouldn't be allowed to by default. However, from a command prompt, I can type in this, and allow myself to edit it as the root user:
$ sudo gedit /etc/X11/xorg.conf
This tells Ubuntu to launch the gedit text editor, and edit the /etc/X11/xorg.conf file, but to do so as if the user is the root user. If I type in this command, I'll first be prompted for my password, and if I enter it correctly — and if my user account has permissions to perform this action — the gedit application will be launched, and I'll be able to edit the file.
Similarly, I could make a backup of the file by doing this:
$ sudo cp /etc/X11/xorg.conf /etc/X11/xorg.conf.bak
This will execute the cp (copy) command, to make a copy of the xorg.conf file, named xorg.conf.bak.