I have one administrator user, X, and a few normal users, A, B and C.
When logged into one of the normal users, e.g. A, and doing something system administration, e.g. opening the Software program and upgrading packages, I am presented with user X’s password input field. When user X’s password is correctly entered, the system administration operation starts and successfully finishes, under user A’s session.
This is very strange to me. Why would a normal user, not an administrator, even be presented with the option of doing system administration things?
Is there a way of changing this (very strange) default behaviour?
It has been pretty standard to prompt for elevation in the GUI for a long time now (over a decade?).
This level of convenience is preferred by many. I am not aware of any mechanism to disable this functionality, but it likely exists as Linux is big on options in general.
At a lower level, it is my understanding, that this does not actually execute as user A but rather prompts to execute that process as user X once credentials are entered that process runs in the existing view, as auth succeeded, but is actually running as user X; not user X giving user A permission.
The process runs as root. Or better as if it would have been started with root. Hence the process has root’s privileges and can do whatever root can do.
It’s just that user X has the privilege to start processes in the name if root, which has to be confirmed by user X entering his password.
Every user can do this if the user is member of the group ˋsudoˋ. Alternatively ˋsuˋ can be user to get root privileges. I think if all members of the sudo group will be removed from the group than nobody can use sudo and your left with su. Better double check that by reading the debian docs or so. I don’t want that anybody gets locked out.
There’s your problem right there. Don’t tell “normal users” the password for user X (an administrator user) and there will be no need to override any behaviour.