Using the ‘root’ account is like being God on a Linux system. That means that you want to be extremely careful when working as root. With something as simple as a wrong keystroke you could do a great deal of damage. Before you actually sit down and work as root for the first time.
So, Don’t run as root is an offend of unix security. While I agree 100%, it’s not as big on the desktop as some would think. I’d like to point out why here. I still believe you shouldn’t login as root, but I also believe that it’s up to each user to make their own decision.
If you’re the head systems administrator, you can start delegating your collegues by installing and configuring the program sudo. In Unix/Linux speak, the term ‘su’ means superuser – that is, root. Only root has true administration rights and privileges, so this program allows others to “do” su, hence the name, sudo.
Or, you could log in root via terminal typing su – with password. Su lets you work as root when you’re logged in as another user. Good practice dictates that you disallow root logins from remote machines, so if you’re performing administration tasks remotely, su is irreplaceable. For all intents and purposes you’ve got a root terminal open now. That means that you can do anything – just as if you had logged in as root in the first place. You’re really running the same risks by working as root, but you’ve at least eliminated the risk of logging in as root.
So what do you gain by not running as root? Well, your system is a lot less likely to be the victim of an ongoing compromise. As root, an attacker can modify your operating system to their liking. Guess what~ your ssh client now sends the username, host, and password for any system you connect to to a server in China. Or maybe grab your usernames, passwords, credit card numbers, online bank login and your most personal conversations. That will be a chaotic disasters.
Can I create another root user account in Linux? By default almost all Linux distributions and UNIX like operating system creates the root account at the time of installation. You don’t have to create a new root account. Use su or sudo command to run administrative task as the root user. Creating another root user can be a security risk. Root has a UID of zero in /etc/passwd. This means absolute control over the system for the root user. You can set any user id to 0 (zero) to grant unlimited permissions provided that you login as root.
It is recommended that you use root only when required and there is no need to create a new root user account.
I cut it short, if you want to run as root on your desktop, sure!. But know the risks, and know the consequences. On the other hand, please bear in mind “don’t login as root” as if it’s a magic show for desktop security from cyril.
jonboy60
I’m a Malaysian, my name is Jon Loh (jonboy60) living in Kuala Lumpur and working in Petaling Jaya, Malaysia. Jonboy60.com is a blog magazine about Linux and other open source softwares. All about to a daily jobs or real life experiences I had since the year 2002 administrating Linux and Windows server in a hosting company. Basically i will be offering Linux tips, howto, tricks, latest news and tutorial. Contact Me for Career opportunities, business offers, Linux solutions for business or home, web and email server solutions, Linux consulting and expertise requests. Email to me on jonboy60{@}gmail.com. The site I’m running is VenCouture.com – Malaysia Online Fashion Shopping Boutique, VenCouture. We sell fashion clothes, sexy lingeries, baby clothing and etc.
Follow Me:
