[EdCert previous] [EdCert next] [EdCert top]

Superuser

The superuser is a privileged user who has unrestricted access to the whole system; all commands and all files regardless of their permissions. By convention the username for the superuser account is root.

The root account is necessary as many system administration files and programs need to be kept separate from the executables available to non-privileged users. Unix allow users to set permissions on the files they own. A system administrator may need to override those permissions.

Access to the root account is restricted by a password. Because the superuser has the potential to affect the security of the entire system, it is recommended that this password be given only to people who absolutely need it, such as the system administrator. It is also a good idea to change the password on this account often. On BSD derivative systems, users who have access to the root account are frequently listed as members of group 0, also known as wheel.

There are several ways to log into the root account. If a system comes up in single user mode whoever is logged in automatically has root privileges. When a system is already up in multi user mode, a user can log in directly as root. This is not recommended as it is easy to take superuser privileges for granted and perform mundane tasks in this mode. When a user is already logged in, issuing the su command, without options, will cause the system to prompt for the root password. Once it is given the user becomes root.

6. Unix deals with superuser the same way other multiuser systems do.

The root account has its own shell and frequently displays a prompt that is different from the normal user prompt. If this is not the case, changing the default shell for the root account will change the prompt. Commands and programs that a system administrator will need as root are kept in /etc to decrease the chances of a user trying them by accident. For example, /etc contains /etc/passwd, which holds a list of all users who have permission to use the system.

Because the root account has extensive privileges it has an equal potential for destruction. This is amplified by the fact that safeguards built into some commands do not apply to this account. For example, the superuser may change another user's password without knowing the old password. The superuser can also mount and unmount file systems, remove any file or directory, and shut down the entire system. The root account should be used with caution and only when necessary to perform a given task. A misplaced keystroke in this mode can have disastrous results.

Further protection can be obtained by placing restrictions on the root account. On BSD based systems like SunOS, the su program can be modified so that any user who tries the command will be checked to see if they are a member of group 0. BSD 4.3 has an additional security measure known as the "secure terminal concept". In this case the terminal itself will not accept a login as root unless it is designated as secure in /etc/ttys.

For more essential information on superuser and root see The Root Account, and Abusing the system.


Terms used: superuser, root, single user mode, multi user mode, su, shell.




[EdCert previous] [EdCert next] [EdCert top]