high · experimental · Linux · AI/ML · T1548.003
LLM Service Running Sudo Or Su
Detects LLM service processes spawning sudo or su to elevate privileges. Privilege escalation from an LLM runtime is a high-confidence indicator of excessive agency or of a successful prompt injection.
Updated Jan 15, 2025 · Detection Engineering Team
llm · excessive-agency · linux · privilege-escalation · owasp-llm06
Problem Statement
An LLM service with sudo access represents excessive agency: the model can direct OS commands with full root privileges. Detecting sudo invocations from LLM processes is critical for containing the blast radius.
Sample Logs
{"timestamp":"2025-01-15T15:33:02Z","computer_name":"llm-host-02","user":"llm_svc","image":"/usr/bin/sudo","command_line":"sudo -u root /bin/bash","parent_image":"/opt/llm/app/agent_runner.py"}
Required Fields
image
command_line
parent_image
user
computer_name
False Positives
- Setup scripts that run as the LLM service user and require temporary privilege escalation
Tuning Guidance
The LLM service account should not have sudo privileges. This is a near-zero false positive alert in a hardened environment.
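Example
The detection logic described above, run over sample events, as an added example that is not the detection library's own rule. The /opt/llm/ parent prefix and the llm_svc account come from the page's sample log and are treated here as assumptions about what identifies the LLM service; matching on either the parent path or the service user is also an assumption.

```python
import json
import posixpath

# Assumed identifiers for the LLM service, taken from the page's sample log.
LLM_PARENT_PREFIXES = ("/opt/llm/",)
LLM_SERVICE_USERS = {"llm_svc"}
ESCALATION_BINARIES = {"sudo", "su"}
REQUIRED_FIELDS = ("image", "command_line", "parent_image", "user", "computer_name")

# First line is the page's sample log; the rest are constructed for this example.
SAMPLE_LINES = [
    '{"timestamp":"2025-01-15T15:33:02Z","computer_name":"llm-host-02","user":"llm_svc","image":"/usr/bin/sudo","command_line":"sudo -u root /bin/bash","parent_image":"/opt/llm/app/agent_runner.py"}',
    '{"computer_name":"llm-host-02","user":"llm_svc","image":"/bin/su","command_line":"su -","parent_image":"/bin/bash"}',
    '{"computer_name":"ws-01","user":"alice","image":"/usr/bin/sudo","command_line":"sudo systemctl status","parent_image":"/usr/bin/bash"}',
    '{"computer_name":"llm-host-02","user":"llm_svc","image":"/usr/bin/sum","command_line":"sum model.bin","parent_image":"/opt/llm/app/agent_runner.py"}',
    '{"user":"llm_svc","image":"/usr/bin/sudo"}',
    'not json',
]

def is_llm_sudo_or_su(event):
    """True when sudo or su was spawned by the LLM service (parent path or user)."""
    # Exact basename match, so /usr/bin/sum does not match "su".
    if posixpath.basename(event["image"]) not in ESCALATION_BINARIES:
        return False
    parent = posixpath.normpath(event["parent_image"])
    return parent.startswith(LLM_PARENT_PREFIXES) or event["user"] in LLM_SERVICE_USERS

def scan(lines):
    """Return (matching events, count of lines that could not be evaluated)."""
    hits, skipped = [], 0
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1
            continue
        # A missing required field means the rule cannot be evaluated; count it.
        if not isinstance(event, dict) or any(
            not isinstance(event.get(f), str) or not event[f] for f in REQUIRED_FIELDS
        ):
            skipped += 1
            continue
        if is_llm_sudo_or_su(event):
            hits.append(event)
    return hits, skipped

if __name__ == "__main__":
    found, unparsed = scan(SAMPLE_LINES)
    print(f"{len(found)} alert(s), {unparsed} event(s) skipped for missing fields")
```

The skipped count shows events the rule could not evaluate because a required field was absent, which is worth tracking alongside the alerts.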