SUD 01: Understanding the usage of UNIX Socket in SUD to avoid the use of setuid

The Super User Daemon (SUD) utilizes UNIX domain sockets to allow unprivileged clients to communicate with the privileged daemon. This communication enables the clients to request elevated privileges securely, ensuring controlled access to administrative functions without granting direct root access.

Architecture of SUD

SUD follows a simple yet effective architecture. It consists of a privileged daemon running with root permissions, which listens for incoming connections over a UNIX socket. When a client connects to this socket, the daemon authenticates the user and, if authorized, executes the requested command with elevated privileges.

SUD 00: The setuid flag, how it works and why I don't like it

In Linux, the setuid (Set User ID) flag is a special file attribute setting that allows a program to execute with the privileges of its file owner, typically root, regardless of the user executing it.

When a program with the setuid bit set is run, the process inherits the file owner’s user permissions rather than the permissions of the user running the program. This functionality was crucial for commands like su (substitute user), which allows a user to switch to another user account (often root) to perform tasks that require higher privileges.