What Is the secure_path Setting in Ubuntu Sudo?
This guide defines the secure_path setting in Ubuntu’s sudo configuration and outlines its security role. It covers how the setting replaces the user’s PATH environment variable to prevent privilege escalation and explains the safe method for viewing or changing this value.
The secure_path setting defines the specific system paths that sudo uses when executing commands. By default, when a user runs a command with sudo, the system ignores the user’s personal PATH environment variable. Instead, it uses the predefined list of directories specified in secure_path.
This restriction is a critical security measure. Without it, a user could place a malicious script in a directory they own, add that directory to their PATH, and trick sudo into executing their script with root privileges. By enforcing a secure_path, Ubuntu ensures that sudo only looks for executables in trusted system directories like /usr/bin and /sbin.
Administrators can view this setting in the /etc/sudoers file. It typically appears as a line starting with Defaults. To modify this configuration, always use the visudo command rather than editing the file directly. visudo checks for syntax errors before saving, preventing lockout from sudo functionality. The default value usually includes standard binary directories such as /usr/local/sbin, /usr/local/bin, /usr/sbin, /usr/bin, /sbin, and /bin.
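The protection described above holds only if every directory in secure_path is itself writable by root alone. The shell functions below are an added example, not part of the original guide: they read the value from a sudoers file and check each entry's owner and permissions. The function names and the optional owner-uid argument are assumptions for illustration, and only global Defaults lines in the given file are read.

```shell
#!/bin/sh
# Added example: audit the directories listed in a sudoers secure_path value.
# Function names and the owner-uid argument are hypothetical helpers.

# Print the secure_path value from the last global "Defaults secure_path=" line
# in sudoers file $1 (scoped Defaults and included files are not read).
get_secure_path() {
    sed -n 's/^[[:space:]]*Defaults[[:space:]]\{1,\}secure_path[[:space:]]*=[[:space:]]*//p' "$1" |
        tail -n 1 | tr -d '"'
}

# Return 0 if $1 is an absolute, existing directory owned by uid $2 (default 0)
# and not writable by group or others; otherwise print the reason and return 1.
check_dir() {
    dir=$1 owner=${2:-0}
    case $dir in
        /*) ;;
        *) echo "not an absolute path: '$dir'"; return 1 ;;
    esac
    [ -d "$dir" ] || { echo "missing directory: $dir"; return 1; }
    # -L follows symlinks such as /bin -> usr/bin; -n prints the numeric uid.
    set -- $(ls -ldnL "$dir")
    [ "$3" = "$owner" ] || { echo "owned by uid $3, not $owner: $dir"; return 1; }
    case $1 in
        ?????w*|????????w*) echo "group/world-writable ($1): $dir"; return 1 ;;
    esac
    return 0
}

# Check every secure_path entry of sudoers file $1; return 0 only if all pass.
audit_secure_path() {
    file=$1 want=${2:-0}
    value=$(get_secure_path "$file")
    [ -n "$value" ] || { echo "secure_path is not set in $file"; return 2; }
    old_ifs=$IFS
    set -f; IFS=:          # split on ':' only, with globbing off
    set -- $value
    IFS=$old_ifs; set +f
    rc=0
    for entry in "$@"; do
        check_dir "$entry" "$want" || rc=1
    done
    return $rc
}

# On a real system (needs root to read the file): audit_secure_path /etc/sudoers
```

An empty entry (for example from "::") is reported as not absolute, since an empty PATH element would otherwise mean the current directory.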