Question:
Is it really unsafe to always log in as root on a UNIX/Linux system?
Matthew H
2011-01-29 02:48:03 UTC
I have been using Linux for 8 years, and exclusively for 6 years. I have always used root login. I have read advice and been told to always use a non root user login and the sudo command. I have tried this method, only to find it highly frustrating and tedious. Seemingly harmless commands require full root access, and I find myself typing in the root password much more often (using the su command) - surely this is more insecure?

I have never once had a problem using only root on a system. I find using root is much more convenient for performing day to day tasks and testing. I have also never had any security issue (AFAIK), despite running several personal server apps to access the system remotely, and I don't feel inclined to accidently type "rm -rf /" any time soon.

Given the above, can someone give a decent reason to never log in as root unless its completely necessary?
Nine answers:
David P
2011-01-29 03:00:53 UTC
The main issue with running as root is that as a superuser (sorry for the Novell term) you can do anything.

This includes deleting necessary files, such as those in /bin /sbin /usr /var etc. Such deletions can lead to system instability.

You also have access to all users data.

If you inadvertantly run a maliciuos script (eg from an infected website or email) you risk doing more damage than if you were a normal user who doesn't have permissions to access certain areas.



It has been considered good practice for many years to run users are normal users rather than at superuser level (root).



Having said all that, I too run as root.
2011-01-30 05:36:35 UTC
you are obviously a very smart linux user.by that you know what your doing so root isn't necessarily a huge security issue in your case.you know the risks so you practice smart user habits.i have been using linux only for about a year now.mostly dual booting but most of the time on the linux partition.personally sudo does not bother me in the least.when i go to yahoo answers and read horror stories from windows users i always feel a little safer on the linux partition.in your case i suppose its not that big a deal.but like i said sudo doesn't bother me one bit.i would not like to see root by default be the norm in linux even if it keeps people from appreciating the security linux offers over windows.i just do not understand why sudo is such a big deal to linux newbies.but in your case it does not appear to be a big issue.
?
2011-01-29 18:15:57 UTC
On a small scale it isn't necessary but it will turn into a bad habit when you work as a sys admin at the enterprise level. Like somebody said if you run a delete command as root and it was the wrong file then there's a big headache there. When you're working on only one system it's very easy to focus and not make mistakes. When you're an admin you have your support team IM flashing for escalations, multiple root shells open to various servers, and managers pressuring side projects. If it's annoying to prepend your commands with sudo create an alias for it.
Linux Mint 11
2011-01-29 18:46:17 UTC
Linux ROOT Definition

http://www.linfo.org/root.html





LUg.
?
2011-01-29 21:34:19 UTC
It can be, as one can accidentally delete system files. It will also give a virus or malware the ability to compromise the entire system.



However, if you know what your doing and practice safe computing practices you should be fine. You may just want to use a non-root account and use the "su" command. You can also use nautilus with the super-user plugin.
Giedrius M
2011-01-29 21:14:43 UTC
Linux'es are not save from malware. The main reason for Unix based system "fame" of being unaffected is that most of the times malware affect single user account and is easily fixed. If you browser net as Root, all stuff is run by root permissions. There are java based exploits (for firefox, for example) that CAN affect system, though they target PC's/Macs mostly.

My personal opinion is that you should fix permissions for majority of your programs so you would not need root access. Is it hard? No.
GameDay
2011-01-29 15:38:36 UTC
Its a big NONO

You just don't do it

You know why

You obviously are savvy about linux



hope this helps
Mark
2011-01-29 10:58:23 UTC
me i would ask this in linux support

http://www.linuxforums.org/
2011-02-01 01:27:54 UTC
i use sudo. very convenient.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Continue reading on narkive:
Loading...