Why is it not recommended to use root login in Linux


Solution 1

The primary reasons are thus:

  • Every hacker / virus knows that there is a root account. If they are blindly attacking a system, it's a known entry point, and very likely to be a target. This is why your root account should have logins disabled.
  • Everyone makes mistakes. You'll be in a rush, accidentally hit the wrong key, not double-check/realize the full list of files in that wildcard you just entered... eventually, you'll be sitting at your system thinking, "Crap. I did not want to do that. How do I undo that?" It happens to the best of us. By not using the root account, you can be relatively confident that whatever you just did, did not mess up your system's ability to operate.
  • Privilege escalation - If there is a security vulnerability that's exploited (in say, your web browser), not running your programs as root will limit damage. If your web browser is running as root (because you logged in as root), then any security failures will have access to your entire system.
  • Accountability - There is only one root account. If everything is using the root account, it's difficult to find out who did what. This applies less in a single-user environment, but that's still not a good argument to avoid good security practices. With something like sudo, every command that's executed with super-user powers is logged, along with the specific user that requested it be executed.
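
The accountability point above can be checked against the logs themselves. The following is an added example, not part of the original answer: it parses constructed syslog lines (the hostname, users and commands are made up) and shows that sudo entries name the requesting user, while a direct root login leaves only an unattributed session.

```python
import re
from collections import defaultdict

# Constructed sample lines (not from a real host) in the syslog format
# written by sudo and by login(1).
SAMPLE_LOG = """\
Sep 18 10:15:01 devbox sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/dnf install gcc
Sep 18 10:17:44 devbox sudo:      bob : TTY=pts/1 ; PWD=/srv/app ; USER=root ; COMMAND=/usr/bin/systemctl restart httpd
Sep 18 10:20:11 devbox sudo:    carol : user NOT in sudoers ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/cat /etc/shadow
Sep 18 10:31:09 devbox login[1423]: ROOT LOGIN ON tty2
Sep 18 10:32:50 devbox sudo:    alice : TTY=pts/0 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/vi /etc/fstab
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ (?P<prog>sudo|login)(?:\[\d+\])?:\s+(?P<msg>.*)$"
)

def audit(log_text):
    """Return (commands by user, denied sudo attempts, direct root logins)."""
    by_user, denied, root_logins = defaultdict(list), [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, msg = m["ts"], m["msg"]
        if m["prog"] == "login":
            # Direct root session: later commands carry no personal identity.
            if msg.startswith("ROOT LOGIN"):
                root_logins.append((ts, msg))
            continue
        user, sep, body = msg.partition(" : ")
        if not sep or "COMMAND=" not in body:
            continue
        # COMMAND is always the last field and may itself contain " ; " or "=".
        head, _, command = body.partition("COMMAND=")
        parts = [p.strip() for p in head.split(" ; ") if p.strip()]
        # A leading part without KEY= is sudo's failure reason.
        reason = parts[0] if parts and not re.match(r"[A-Z_]+=", parts[0]) else None
        if reason:
            denied.append((ts, user.strip(), reason, command))
        else:
            by_user[user.strip()].append((ts, command))
    return dict(by_user), denied, root_logins

if __name__ == "__main__":
    by_user, denied, root_logins = audit(SAMPLE_LOG)
    for user, cmds in by_user.items():
        for ts, cmd in cmds:
            print(f"{ts}  {user:<6} ran via sudo: {cmd}")
    for ts, user, reason, cmd in denied:
        print(f"{ts}  {user:<6} DENIED ({reason}): {cmd}")
    for ts, msg in root_logins:
        print(f"{ts}  unattributed root session: {msg}")
```
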

Solution 2

You don't need to and it is insecure.

You just don't want applications to run with elevated privileges. There was a bug a while ago in an application that would erase everything in your /usr directory. If the application was running as an ordinary user, that user should not have enough permission to execute that action.

You would also start your browser with elevated privileges as well. Infected web pages exploiting failures in that browser could compromise your system, among other problems.

There was a similar question on the Ubuntu forum a few years ago; you might want to check:

https://askubuntu.com/questions/16178/why-is-it-bad-to-run-as-root

Author by

user2086641

Updated on September 18, 2022

Comments

  • user2086641 over 1 year

    I am a developer using Fedora Linux. I have seen in a lot of links that it is not a good idea to use the root user, because someone can easily hack my password. Instead, create a separate account for development purposes. But I am using my own Fedora machine and only I use it. In this case, is it recommended to use a separate account instead of "root"? Need more clarification.

    • Josh over 10 years
      If I were you, I'd use a non-root user. It's just good practice. I'm no developer, but I'd imagine you'd want to code as a non-root user as well, to ensure that your code works well when not logged in as a root user, but I could be wrong.
    • TheXed over 10 years
      Using root in Linux is like using the default account in Windows XP... full system control with no restrictions... bad idea...