Kicksecure now has sudoless user by default

Kicksecure Xfce now defaults to a safer split-user model: one account for daily use (user) and another for admin tasks (sysmaint). This limits the impact of potential malware and strengthens system security.
The user account no longer has access to sudo or other privilege escalation tools. Only dedicated admin accounts like sysmaint can perform such actions, reducing the attack surface and improving security.

Also, there’s now privleap:

A new security-focused privilege escalation framework replacing sudo. It allows only specific, pre-approved actions to be executed with elevated rights, reducing the risk of misuse or exploitation. SUID-free.

How does this work to install applications?

Quoting from sysmaint - System Maintenance User

When user-sysmaint-split is installed, the account user will no longer be able to use privilege escalation tools (sudo, su, pkexec) when logged into any account other than sysmaint. This change takes effect immediately.

To perform system maintenance tasks such as checking for software updates, installing updates, etc., the user will have to reboot into the sysmaint account. To do this, restart the system normally, then select PERSISTENT Mode | SYSMAINT Session | maintenance tasks from the boot menu. The system will boot into a minimal desktop session with the System Maintenance Panel running. To reduce attack surface, most superfluous background services are suppressed while booted into the sysmaint account.

This is the System Maintenance Panel.

The sysmaint desktop session is intentionally minimal and not suited for normal desktop use. This is to discourage using it for work that has a higher risk of causing a difficult-to-avoid system compromise (such as web browsing). Quick shortcuts are provided for simple software management and system administration tasks, while more advanced tasks can be performed from a terminal. The sudo and pkexec commands will be usable here.

Once you are done with system maintenance tasks, click “Reboot” to reboot the system. Then boot into PERSISTENT Mode | USER Session | daily activities or LIVE Mode | USER Session | disposable use. This will provide you with a standard desktop session.

From a glance at the privleap README, it seems that only Debian-based distros and OSs with the autopkgtest tool are able to install privleap. I don’t think non-Linux OSs are able to install autopkgtest to allow them to use privleap, unfortunately.

Whonix also has it as of May 24! This time as a point release.

How is this sysmaint different from root?

sysmaint is an account where you can use sudo or other tools to escalate to root.


Honestly, this seems cumbersome and actually counterproductive. This increases the barrier to regularly updating your system.

It’s not aimed at increasing convenience. But if it becomes such a great barrier that you won’t update your system, then uninstall it.

I am not using it. But I don’t know why, if one has criticism, saying you shouldn’t use the project is constructive.

See answer below.

I was referring to user-sysmaint-split as the “it”, not Kicksecure.
