Share via:

The Problem with Sudo and GUI Applications

About the problem with using sudo with graphical programs in Linux.

1970 views
d

By. Jacob

Edited: 2018-11-20 21:15

Disable Ubuntu guest session

There has been a lot of confusion about running GUI applications in Linux using the sudo command, in this article, I will try to clear up some of this mess.

Running graphical programs using sudo in Ubuntu is basically fine – in many cases. However, in some freak cases it might cause problems! However, I have not encountered these myself yet.

Traditionally some Linux users would recommend the use of gksudo instead, but this has been removed in recent versions of Ubuntu, and will need to be installed before we can use it. Relying on it is discouraged, since it might be removed in the future. This is a problem, as it seems we have no other "easy" to use alternative, and updating apps to use PolicyKit can be a larger task for developers.

To install gksudo simply run this in a terminal (Will not work on Wayland):

sudo apt install gksu
gksu-properties

If you are using Wayland, you can disable the security preventing you to run GUIs as root. But I do not recommend doing this. Instead you better use xorg until wayland is better supported. Also, read the discussions linked at the bottom to better understand the problem.

xhost si:localuser:root
sudo -i nautilus

When done, remove permissions:

xhost -si:localuser:root

If anyone has corrections or additional information, feel free to comment below, and I will try to update the article ASAP.

Running graphical (GUI) programs as root

One problem with using plain sudu is that you are running the program as your own user with elevated privileges, which means that your $home directory will still be your own, while you will be running the program with root privileges. Obviously, it is not hard to imagine that this could cause problems in some cases. It could in worst case change the ownership of your personal files to root and prevent you from booting up the system.

Running graphical applications with root privileges is not bad in itself, and has been the norm for years. With Wayland, this seems to be disallowed by default, and applications will instead have to be updated to use polkit.

It has been, and still is, common for desktop users to run the file manager (Nautilus in Ubuntu) as root when installing programs and performing system tasks, because it is usually faster and easier than typing commands in the terminal. Desktop users, in particular, prefer using GUIs, and there is nothing wrong with that. Even some system administrators prefer it at times. What is a very serious problem, however, is the fact that Linux does not yet offer a decent GUI/desktop experience due many such silly problems.

I really hope that Linux developers will be more smart about this in the future, so that users will not accidentally mess up their systems. Maybe one way to improve Ubuntu, would be to use Nemo instead of Nautilus, since it comes with a open as root feature, and also includes compact view. Both features a veteran desktop user would likely expect out-of-the-box.

Since gksudo is no longer available, what should you use instead? The answer is simple. Currently the official recommendation seems to be that you use gksudo (Ubuntu) or kdesudo (Kubuntu). But, confident users may also use normal sudo or sudo -i.

Using sudo -i or sudo -H

You will often see recommendations to either use sudo -i or sudo -H. For the most part, these seem to be safe. However, while they correctly set the $home and $PATH variables, they will leave out $XAUTHORITY. So, this sadly appears to be a very complex issue. It makes me wonder why anyone would want to remove gksudo, without creating an alternative. It degrades the desktop experience significantly.

Instead of using those, it might be better to install gksudo.

If you are confident that nothing will happen as a result as using sudo with your particular application, you may do like below:

sudo -i [program name]

The -i ensures that the program will be run as root in the root environment, including using the $home directory of root rather than the environment of your user. I have personally never run into problems while using sudo -i. However, it is worth considering alternative solutions.

Tip: The Nemo file manager has a Open as root right-click feature, which you can use instead of working with the Terminal.

You should make sure to close any applications and terminal windows with root access once you are done using them, but this is likely most relevant for system administrators, and if you are worried that someone with physical access to the system might take advantage of the situation.

The problem is also with developers of certain applications, such as Nautilus and gedit. They should include a root option out of the box. Or, distributions, such as Ubuntu, should shift to another app that includes it, since desktop users expect such basic features.

Running Programs as root is insecure

I personally think this argument is irrelevant to non-developers. It assumes the code the user is running is compromised, which may be useful to developers trying to create more secure GUI applications. But, it does little to address how users and applications currently behave in the real world.

The argument is also not completely true, since running any application or code as root can be insecure. Not just GUI applications!

But, it is true that GUI applications often will be larger than basic CLI applications (Programs you run in a terminal), and as such, they are harder to review for malicious code and bugs. The same can be said of very large CLI applications.

When it comes to the few GUI applications that still needs direct root access... This is likely limited to applications such as Gedit, Nautilus or GParted. Currently, it is not possible to run these in a straight-forward, secure, manner for non-technical users. In these cases, I do not really think it is useful to point users towards complicated solutions.

Inform users of the small risk, and then tell them how to do it. These programs are often run as root by users, and as far as I know, no one has reported any security problems by doing so, using one of the traditional means (I.e. gksudo or kdesudo).

However, according to discussions around the internet, like this one, full root-access is in not necessary for GUI applications. Instead, apps should be updated to use PolicyKit or D-bus. Wayland is known to cause problems with GUIs and sudo, which was/is discussed by developers.

Dangers in using plain sudo

For the most part, the only problem with using plain sudo is that you will be running the application with your own users environment. The problem can be seen when checking the $HOME and $PATH variables after running the different variants of sudo. I.e.:

k@DreamMachine:~$ sudo -i
[sudo] password for k: 
root@DreamMachine:~# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/snap/bin
root@DreamMachine:~# echo $HOME
/root
root@DreamMachine:~# 

In this case the $HOME path was correctly set to /root which is what we want for GUI applications. This avoids the problem where some programs might change the ownership of your own users files to root, and thereby potentially ruining something.

Links

  1. Graphical sudo - ubuntu.com
  2. [wayland] can't run application as root using sudo - gnome.org
  3. sudo with graphical apps doesn't work on wayland - redhat.com
  4. Graphical applications can't be run as root in wayland (e.g. gedit, beesu, gparted, nautilus) - fedoraproject.org

Comments