Windows Security – Why Non-Admin Users Can’t Install Software


This is probably something I don't understand since I am used to Windows
and am only starting out with Ubuntu. I know that software in linux comes in packages what I don't understand is why can't non-admin users install software.

I mean, every application is run by a specific user, and that user will
only be able to run that applciation with his privilages, so if he has
no admin privileges, the application also won't be able to access unauthorized
directories etc.

I want most of the time to work on my PC with a non-admin user since it seems
more safe to me, most of the time I have no need for admin privileges.
and even though I know viruses in linux are uncommon I still think the best
practice is to work on the computer in a state that you yourself can't
make any changes to important files, that way viruses also can't harm any important
files, but I need to install software for programming and web-design etc.
and first of all I don't want to switch users all the time.
But also it sounds safer to me that everything being done on the PC
will be done through the non-admin user.

I'll be glad to know what misunderstanding I have here, cause
something here doesn't sound right.

Best Answer

Why you're asked for a password

Most software is designed to touch sensitive files, i.e. sensitive to the security of your private data or the systems integrity. This is why software installation is a potential risk and should be validated by a user who knows what he is doing. Even for open source Software you can not be sure that no bad code bits arrive with your percious new audio player until someone checked. And even then something could have been overlooked or packages could be manipulated on the way. Who knows what's hidden in the depth of the program? One user should.

Ubuntu provides a comfortable way of installing software. Software developers can rely on that comfort and make the assumption that synaptic/software center/apt enables them to access these sensitive files. Canonical checks the software repository for bugs and malicious code. But the ultimate responsibility is yours.

If the software in question does not need access to sensitive files, it can (in principle) be installed in the home folder though not in the Ubuntu way. You will for instance have to compile the source code yourself or run a custom install script. Beside the greater efforts of that it has the disadvantage of not allowing other users access to your just installed program (as they have no right to access your home-folder). They will need to installed it a second time. So this way of installation makes no sense in a large scale and in a small scale it's usually easier to type a password than to install software manually.

So that's why Synaptic aaks for a password and why it's good that it does.


If you are really in dire need of having other users install software without password, you can add them to the sudoers list. This however will result in a great security risk. If that doesn't concern you, consider that there a bot networks out there with great resources to break into your computer via Internet. They do this just to add your computer to the net and use it's connection and computing power without your knowledge to do all sorts of illegal stuff. They are not even after your personal data your you for that matter. They just want to hijack your PC. Still not concerned? Really? Then look at the following answer which is a small how-to on the workings of sudoers list:

How to make Ubuntu remember forever the password after the first time

Read that carefully. You could lock yourself out of the system.

The scare is over

So now you have the scare behind you are and taking the matter seriously, I can tell you it's really not that bad. If you trust the people working on your computer, and you don't have programs installed that allow remote access to your system (e.g. an ssh- or ftp-server), then it's really not that dangerous to disable the password stuff. Just don't do it without considering the worst case and think of your private data.

Overlook on the proceedings (don't do this lightly - see text and link above):

# in shell type these commands
sudo su       # in case you do something stupid, you'll have a root shell open
select-editor # (optional) will allow you to select text editor
visudo        # secure way to open sudoers list

An editor will open ADD a line like this:

confus confusion=(root) NOPASSWD:/usr/sbin/synaptic,/usr/bin/software-center

Syntax explanation: username machine=(usernameToRunCommandAs) command1,command2,.... So the above line allows confus to run synaptic and softwarecenter as root without password query. You will still need to start it with sudo synaptic or gksudo synaptic or put an alias `alias synaptic='sudo synaptic' in your shell profile.