Menu
In a UNIX like system, we have a user mode and a kernel mode. There are some instructions which cannot be accessed in the user mode. However when we do sudo, we can access many critical sections of our OS, perform critical actions.
My question is: When a program is executed in the sudo mode, does the whole program run in kernel mode? Or is it the case that the sudo mode is simply an administrative user whose powers are a mere subset of the operations which can be performed by the kernel?
267
In kernel mode, the program has direct and unrestricted access to system resources. In user mode, the application program executes and starts. In user mode, a single process fails if an interrupt occurs. Kernel mode is also known as the master mode, privileged mode, or system mode.
kernel mode and root are two separate ideas that aren't really related to each other. The concept of running a process as root is a unix/linux term that means you're logged in as the administrator of the system. Any process you run, whether as root or a normal user, generally runs in both user mode and kernel mode.
The sudo command allows you to run programs with the security privileges of another user (by default, as the superuser). It prompts you for your personal password and confirms your request to execute a command by checking a file, called sudoers , which the system administrator configures.
Kernel mode, also known as system mode, is one of the central processing unit (CPU) operating modes. While processes run in kernel mode, they have unrestricted access to the hardware. The other mode is user mode, which is a non-privileged mode for user programs.
Yes, a huge difference between sudo and kernel mode.
Kernel mode is related to CPU modes. Most processors (in particular all running a common Linux kernel, not a µCLinux one) e.g. your Intel processor inside your laptop have several modes of operation, at least two: the privileged (or supervisor) mode where all machine instructions are possible (including the most unsafe ones, like those configuring the MMU, disabling interrupts, halting the machine, doing physical I/O i.e. sending bytes on network, or to a printer or a disk) and the user mode where some machine instructions are prohibited (in particular physical I/O instructions, MMU configuration, interrupt disabling, etc...)
On Linux, only kernel code (including kernel modules) is running in kernel mode. Everything else is in user mode.
Applications (even commands running as root) are executing in user mode, and interacting with the Linux kernel thru system calls (and this is the only way for an application to interact with the kernel) listed in syscalls(2). So application code sees a "virtual machine" capable of doing syscalls and executing user-mode instructions. The kernel manage the authentication and credentials (see credentials(7) & capabilities(7) ...)
sudo is simply giving a command (using setuid techniques) the permissions for root (i.e. user id 0). Then, some more syscalls are possible... But the command (i.e. the process running that command) is still running in user mode and uses virtual memory and has its address space.
119
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
