sudo is the magic word in Unix-like world. It grants normal users with administrator access, right?
Actually, that is not so true. The correct way to describe it, which you can find in man sudo, is that
sudo allows a permitted user to execute a command as the superuser or another userSo how does sudo work to serve that purpose? The answer is the user-setting bit in the permission.
First, let's check the permission of your shell program. Here is an example from my system.
% ls -l $SHELL
-rwxr-xr-x 1 root root 858K Feb 24 2020 /bin/zsh*You can see the permission string is -rwxr-xr-x. This is normal, as expected. Then let's take a look at sudo.
% ls -l `which sudo`
-rwsr-xr-x 1 root root 163K Jul 15 2020 /usr/bin/sudo*Oh, we can see the permission string is a little uncommon. It is -rwsr-xr-x. An x is replace by an s. That is the user-setting bit. It allows the program is executed with the owner of the file as the effective user.
Technically speaking, at the moment the sudo process is running, it already runs as root (or the system administrator), and it can do whatever it wants. However, for security reasons, of course it validates if the actual user has permission (set in the sudoers file).
Be careful when try the following code and make sure your system is free from unexpected access
Then what if we remove such validations? We can try it by compile a simple shell-like program, and change its permission in the same way sudo has.
The C code is like this