Privilege Escalation in Linux Systems

Looking for a way to gain root access after establishing the initial foothold in Linux systems? Here are some things to look for to discover ways to escalate your privilege’s and possibly get root access.

Introduction

When setting up devices and establishing certain privilege along with them, it is important to only allow these devices and users to have the least amount of privilege needed to perform their intended function.

This correlates to a rule called PoLP (“Principle of least privilege”) that is used in information security to create greater security and provide less risk within an environment. An example of this could be seen in the creation of a user account that is solely used for creating backups, therefore this user does not need access to install software and only needs access to run backups and perform application backups.

The prior example could also be referenced by the term LUA (“Least-Privileged User Account”) which is used when the least privilege rule is applied to users. This means that all user accounts should run with as few privileges as possible and applications should only allow the needed amount of access for that specific user. These terms are widely known in the world of cybersecurity and are important to reference while designing secure infrastructure.