How to Scale Permissions on Linux With Sudo and Su

Every administrator will have to use Linux to increase privileges. Windows is a lot more flexible when performing administrative tasks. It is easy to escalate privileges using the Windows UAC prompt.
Many IT professionals at entry-level don’t realize that even though they have an administrator account, they still need to escalate user permissions in order to perform administrative tasks within Windows.
Linux isn’t all that great, however. In Linux, escalating privileges can be a deliberate act. Let’s talk about how to escalate privileges in Linux, and why you might want to do so.
Why Escalate Privileges in Linux
It is possible to be dangerous working with many parts of a computer system. Editing these components can cause problems such as a computer not starting properly, disabling service, damaging hardware, and security issues. Windows and Linux require elevated privileges to modify these components.
Everything LinuxRelated Training from SPOTO
Start trainingModern operating system gives system administrators the ability to secure the OS using user accounts and privileges. This allows normal users to access and use a computer to do their job without having to hack it. System administrators can still perform the complex tasks of system administration required to keep computer systems running.
These OSes assume that anyone who can increase privileges in an OS must be an administrator. They also know what they’re doing. The OS then passes security and maintenance responsibility to the system administrator.
It is also possible to lock certain tasks behind user privileges as a security measure. The OS can prevent malware from making system changes by requiring input from the user to increase privileges. This can stop malware from installing software on a computer automatically.
How to Scale Privileges in Linux
Standard Linux user accounts cannot perform administrative tasks by default. Linux does not have an administrative account like Windows. Let’s go back a moment. Administrator profiles are available on all operating systems. Sort of.
Operating systems allow users to set permissions and capabilities. These permissions and profiles define the tasks that can be done in an operating system. Windows defaults to three types of user account profiles:

These three types of account profiles are just profiles with pre-configured permissions. These permission levels can be modified per profile or account.
This concept confuses many IT administrators and help desk technicians. It is common for people to believe that because they have admin access in Windows, they can do all things on a computer. However, this is a false assumption.
It is common to have admin profiles and super-admin profile in an enterprise environment. Administrators in an organization will rarely have super-admin privileges that allow them to modify everything on a computer, while techs will only have a regular admin profile.
Linux has a concept called user groups. However, they perform slightly different functions in Linux. A default Linux installation will have standard user profiles, a root account (the system administrator), various system users and groups, depending on the applications installed.
Although a standard Linux user profile can be modified to allow for different permission levels, it is common to assign privileges to the root profile to perform administrative tasks. Depending on the version of Linux being used, users would use the SU command or the SUDO command to log in to the Linux OS.
Red Hat Linux, for example, will use the SU co