Interview: Inventing the Unix “sudo” command

sudo_final

It was just one of these nights. We were sitting at the O’Neil’s San Mateo Pub, taking a break after a long day at the Maker Faire. Hackaday was hosting an informal drink-up and a steady stream of colorful characters has just started flowing in. That’s when we met [Robert Coggeshall].

It started off as a normal discussion – he runs Small Batch Assembly and does a lot of interesting things in the maker space. Then he brought up a fascinating detail – “Oh, did you know I also co-invented sudo back in the 80’s?”

If you ever did as much as touch a Unix system, you’ll know this is a big deal. What came as an even bigger surprise was that something like sudo had to be “invented” in the first place. When thinking about the base Unix toolkit, there is always this feeling that it all emerged from some primordial soup of ideas deep inside of Bell Labs, brought to life by the infinite wisdom of [Ken Thompson] and the rest of the gang. Turns out that wasn’t always the case. We couldn’t miss asking [Bob] for an interview, and he told us how it all came about…

[Read more...]

Rotary dial authenticates sudo commands

[W1ndman] won’t win any security awards for this build, but it’s an interesting idea. On many Linux-based systems commands can be run with administrator privileges by prefacing them with the keyword ‘sudo’. Normally you’d be asked for a password but [W1ndman] used the Pluggable Authentication Modules (PAM) to authenticate via his own shell script. That script checks a code from this rotary dial for authentication. An Arduino takes care of listening for each digit that is entered and then sends the code via USB for comparison with a stored file. We’re not sure if that stored code is in a plain file or is otherwise protected, but at the very least this prevents you from using ‘sudo’ willy-nilly.

Follow

Get every new post delivered to your Inbox.

Join 92,307 other followers