Are user files still private when two sudo users exist in Ubuntu?

If your colleague is in the sudoers list he is root as much as you if he wants it (and he can impersonate you too), and then he can see everything.

This is the worst setup you can have if you want user privacy. You should definitively read into how user management on Linux works. Here are a few articles yo can start with:

  • https://help.ubuntu.com/stable/ubuntu-help/user-accounts.html
  • How to manage users and groups?
  • https://help.ubuntu.com/community/EncryptedHome

And even then if someone has physical access to the machine in question, there is no privacy, he could drop at boot into a root shell and see everything no matter what, and if this would be password protected he could still use an USB stick and go in on this way.

So best thing in that case is proper user management, password for root, and encrypted drive and/or encrypted home directories.


A simple alternative is to keep your private data in an encrypted file (could be a tar archive file, that you encrypt, for example with gpg). You must remember to overwrite and remove the clear text files after looking at them.

Another alternative for all of you who share a computer and sudo (root) access is to use encrypted home and encrypted swap.

But this will not help, if you are logged in at the same time. As a matter of fact you have to reboot the computer to get rid of your files in clear text format even with encrypted home.

In general security is very difficult, and a single user system with encrypted disk (LVM with encryption) would be the simplest way to keep things secure.

  • Do not store sensitive private data in a shared computer
  • Do not store private data in a computer that belongs to your employer

Once you are able to get root permissions (e.g. using sudo ,su,etc).
You have full access to every file on the system.

So both of the users which have sudo permission, and can became root using sudo bash will have full access to every file on the system

According to this Q&A in SE-Security: You might be able to modify SELinux (which isn't Ubuntu) in order to limit root access:

If your question is "can I easily and safely do this now?" the answer is no. If your answer is "I am prepared to learn about SELinux, get down and dirty with my distribution and put up with quite a lot of things not working" the answer is it is possible to constrain root much more than your average install. That said, this does not in any way make you invulnerable to exploits - it does not make it impossible for a user to circumvent this extra access control either in software or physically.

Tags:

Permissions

Sudo

Recent Posts