Tech Zone > Security

Security precautions - What is a root account?


What is a root account? Is it the same as admin on Windows?

So when people say don't log in as root, what they mean is install Linux, update it, then create a 'local account' that does not have admin/root privileges/access?
If you then want to install something, do you have to enter your password as you do on Windows? If so, how is a local account any different from a root account? On Windows, if you are logged in as admin, you can install software without entering your password, whereas on a 'root account' on Linux, you still always have to enter your password.

Suffice it to say I'm confused.

So what is a root account?

It defeats the security model that's been in place for years. Applications are meant to be run with non-administrative security (or as mere mortals) so you have to elevate their privileges to modify the underlying system. For example, you wouldn't want that recent crash of Rhythmbox to wipe out your entire /usr directory due to a bug. Or that vulnerability that was just posted in ProFTPD to allow an attacker to gain a ROOT shell.

By default when you log into a Linux system you are logged in with restricted privileges which means you can read, write & execute files only within your own Home folder but you are not able to make system wide changes such as, install software, edit system config files, run system updates etc, 

This is what makes Linux a more secure system and highly resistant to viruses and other malicious code and prevents the user from making accidental changes that can harm or damage the system irreparably , elevating privileges is usually done using the sudo command (superuser do) which gives you temporary root permissions to perform functions that would normally require elevated privileges, only users on the sudoers list is allowed to run sudo, another means of gaining root access is to to use the su command but this is not recommended for the average user and best avoided

I don't know if it's the same as administrator account on Windows I know nothing about Windows and have no intention of learning, I suspect it's similar but not exactly the same

All the above is my understanding I am by no means an expert



[0] Message Index

Go to full version