> this is the default way Linux works (not entirely the same but similar enough) with sudo
Kinda sorta. Here "not entirely the same but similar enough" means "doing the one major thing that Linux does not force you to do", namely, creating a whole separate user account just so that MS can make the braindead claim that a security boundary isn't being crossed when you enter admin permissions from an Administrator account. On a Linux system you only need to create one user account, and put it in the sudoers group, and Linux then properly treats every attempt to do something with sudo as crossing a security boundary and acts accordingly.
I think you are very confused about what sudo and being in the sudoers group does? sudo is just a command which lets you execute a command as another user. In the typical use case, it lets you execute a command as root rather than as your current user. For it to do anything useful you have to do exactly the same thing as you do on Windows: create a second unprivileged account and log into that instead of root.
> I think you are very confused about what sudo and being in the sudoers group does?
I think you are very confused about what a Linux user actually has to do--and not do.
> create a second unprivileged account and log into that instead of root.
No, you create one account. The root account doesn't have to be created. It's automatically there, built into the system. On Windows, you have to explicitly create two separate accounts, one with Administrator privileges and one without.
> No, you create one account. The root account doesn't have to be created. It's automatically there, built into the system. On Windows, you have to explicitly create two separate accounts, one with Administrator privileges and one without.
Correct, but you're missing the point. There's practically no difference between Linux and Windows when you need to escalate privileges, except having to enter credentials for another (privileged) user than your current (unprivileged) user. The security boundary is there and the user experience is basically the same. Everything else is just nitpicking.
Except root is that account. You're still crossing a user-boundary same as Windows. If you give your user CAP_SYS_ADMIN that's like putting them in the Administrators group.
Kinda sorta. Here "not entirely the same but similar enough" means "doing the one major thing that Linux does not force you to do", namely, creating a whole separate user account just so that MS can make the braindead claim that a security boundary isn't being crossed when you enter admin permissions from an Administrator account. On a Linux system you only need to create one user account, and put it in the sudoers group, and Linux then properly treats every attempt to do something with sudo as crossing a security boundary and acts accordingly.