Isn’t it enough to just enter your password once to login, then receive a warning whenever you’re about to do something potentially dangerous?

If it’s such a big security risk, how come the most popular and widely used operating systems in the world and their users seem to be unaffected by it?

I guarantee, most new users coming to Linux from Windows/macOS are going to laugh and look at you funny if you try to justify entering your password again and again and again.

  • Max-P
    link
    fedilink
    156 months ago

    Mac uses TouchID for the most part in the GUI, but CLI sudo still asks for your login password, although it can be configured to ask for TouchID as well. The GUI does fallback to having you enter your password if somehow you have a Mac without TouchID.

    Windows uses the UAC thing which currently we don’t have a great way to do on Linux but should be possible with Wayland (on Xorg you’d just need to script clicking yes and bypass user approval because there’s no security). On Windows when the UAC popup pops up and you click yes, you’ve done the equivalent of entering your password. In enterprise settings, it’s not common for it to be configured to actually ask your password, or ask the password of an admin account. So no it’s not “good enough” even on Windows under some situations.

    On Linux you can configure sudo to use the fingerprint reader or a security key if you want. PAM stands for Pluggable Authentication Module, you can do whatever you want. You can also make it no password at all and sudo just automatically gives you root no questions asked.

    The security use case is to prevent software running as your user to have an easy path to getting to root without some form of user approval. That also means if you walk off your desk to refill your coffee nobody can sneak behind you and plop a USB with malware, click yes and leave.

    It’s doable on Linux with some PAM and Polkit tweaks, just not how it’s shipped by default because it’s better users voluntarily reduce their security settings than defaulting to minimal security like Windows used to (in particular the XP days before UAC, and UAC did annoy a lot of people when it came in with Vista and 7).