The power of ‘root’ in Linux

‘Root’ is the default name for system administrator in a *NIX system — a super user who can do anything and everything within the operating system.

After our previous recitation — Filesystem and File Organization in Linux — we hope the picture of the complete Linux file system would be resident in your minds. We are now equipped enough to try our hands on the beautiful operating system - Linux. But before we take you to the next stage, a very old saying boggled my mind - look before you leap!

The power of root in LinuxLet us go a little deep about the access privileges and rights which a root user has on a Linux system. Root is the default name for system administrator in a *NIX system - a super user who can do anything and everything within the operating system. As a result, root login should be used with special care. While working with a root login, we can end up doing a lot of harm to our system as well as the data, accidentally.

Need for the root account

Root login is required to perform actions which change the settings for all system-wide users or to modify the users’ accounts. We shall also have to use the root account for certain system operations.

Like,

  • To add new users to the system and administer the user data.
  • To install system-wide software.
  • To configure I/O devices like - a scanner or a TV tuner card, for example.
  • To configure system services like - a web or FTP server.

Is root really dangerous ? Why?

Yes, the main reason being security. One of the important rules of Linux operating system states that root account shall be used only in case when we are unable to perform an operation as a normal user. If you are logged in as a root, your system is much more vulnerable to the external attacks. For example, your favorite web browser may probably have a security loophole and if you happen to use it from the root account, you expose the whole operating system the world! If you work on the same web browser using an unprivileged account, it could only affect your personal configuration and data (if it is unencrypted). Here lies the difference.

How to use the root account safely and efficiently?

Ideally, one should avoid logging on to the root account via the GUI. Working continuously as root isn’t recommended for the reasons cited above. It is advisable to switch to the super user using the sudo command before another command (That’s with reference to Ubuntu Linux. This may vary from distro to distro.) This gives a temporary root access to the current user to run a single command, without having the need to actually log on as root. Using sudo command is said to be a little more secure than logging directly as root. Several distros enable sudo for the first user by default and disabling the direct root login via the GUI. Ubuntu is a prime example of this very approach.

This was all about the super user access privileges which we needed to know before we start to install applications and try them on our Linux installation. In our next article, we shall emphasize on how easy, fast and interesting it is to install a software application on a Linux distro. We’ll dig into all the possible ways of installing a software on Linux - the command line way to the modern GUI way!

Image courtesy: XKCD

Praval, the author of this article is available as a freelance writer and technology blogger. He writes reviews and stuffs related to Wordpress, Linux, Information marketing, Open Source Softwares, Life hacks and technology in general. He also provides information marketing solutions to his clients. You may reach him at Praval.com.


Don't like it? There are lots of published articles, pick a random one.

oCricket

Praval Singh posted this article on Wed, Jun 11th, 2008 at 5:16 am
Categorized under Linux, Technology and has the following tags

Prev Article: Filesystem & file organization in Linux

Next Article: Software installation woes on Linux


Possibly Related Articles

Archives: Visit the Archives for more articles.

Comments Post Yours

There are 2 responses so far. You can follow any responses to this entry through the RSS feed. You can leave a response, or trackback from your own site.

  1. Keith Dsouza June 11th, 2008 at 6:13 am 1

    Quite rightly said, I access more than 50 servers at work and can sudo into the account, this is for security reasons obviously and we are very much paranoid about using root access.

    To tighten security we have a single point access to internal servers rather than having everything on the open web, this is to ensure that we can tackle problematic usage by blocking out a single server rather than a bunch of it.

    Well there are different ways you can protect your core system and probably disabling root access to normal users is one of the best ones.
  1. Pings & Trackbacks Sites, articles & blog posts linking back to this article.

Post yours

Sidenotes

Quick notes, scribbles, somehow related to this website and to what I do. Or perhaps I'm just plain lazy to make them into a full article.

Introduction to Adobe AIR (NetTuts)

Nettuts have a nice Introduction to Adobe AIR which focus on using HTML/JS to build an AIR Application. It covers -- Adobe AIR Architecture, How to install AIR, Get the development SDK, Configurations, gets on to ...2nd Oct, 2008

Decide Team Type from Books

What do you think of the "Team-Type" if they got these books recently? What "Team-Type" do these books suggest? ( surveys) 29th Sep, 2008

What do investors look for in a startup?

A great video Interview with Venture Hacker Naval Ravikant answering the age-old question: What do you look for in a startup? Investors look for two things that are paramount above all: # Great team: It's obvious. It's a ...27th Sep, 2008

You don't mess with the 'Englineer Bother'

(Via: Hiring Horror) 24th Sep, 2008

Dear Adobe

Do you have a gripe with the Adobe Softwares that you use? Do you have complaints about Adobe Softwares? Please visit Dear Adobe to file your informal gripe with Adobe. 15th Sep, 2008

View the Sidenotes Archive

Play the Penguin Game

Recommended

  • Forum Oinam’s technical discussion forum where developers and designers can discuss all technical topics.
  • My Special Job My Special Job is a place where you can look for your weird necessities, strangely superb employees, when your need are more of those hackers, geeks, and ultimate rockstars in the Internet Technology.
  • oCricket oCricket is about Cricket and people enthusiastic about it.
  • Not Safe for Work Ever clicked a link and felt embarrassed with the content in front of your co-workers? Ever caught unaware because the funny link your friend sent was a little beyond funny? Let’s minimize that with NSWF.
  • Ode to Apple Dedicated to Apple - Mac, iPhone, iPod, iTunes, Quicktime, Apple TV and all the awesome softwares for the Apple Mac.
  • AS 2.0 Reference Reference for ActionScript 2.0 Programming Language used in Flash. Primarily stashed here for my own personal reference.
  • o! Just Me Of colorful cultures, entertainment, media, life hacks, music, books and movies from hollywood & bollywood.

Download free Brajeshwar Wordpress Theme

Brajeshwar

Brajeshwar I firmly believe in keeping things simple, easy for users and I envison pushing the technical envelop time and again for the betterment of viable commercial and practical applications. More about me.

Brajeshwar Personal Identity Portal powered by VeriSign Labs

Brajeshwar's affinity with Adobe

My Photos

More photos on Flickr

Member of 9rules Network

Since its inception on 11th June, 2001, "Brajeshwar" has 863 Articles and 6,003 comments, contained within 20 categories and 1,233 tags.