Unix, the 'grand-daddy' of Linux, has always been a MultiUser OperatingSystem. Because computers were very expensive, slow, and time on the typewriter was limited, people would write their programs and leave them running while the next user typed in theirs.

All users on a Unix system are the same, except one. That user is called the 'super-user', and they have complete control of the system; they can kill all the processes running on it, they can access all the files, they can create and delete users.

On Linux the super-user is called root 1?. (Think of a tree.) If you are logged in as a regular user and you want to 'become' the super-user, you use the command su(1). su stands for 'switch user' (not super-user) and you can change to any user.

The super-user has control over all the hardware, but the initialization of the operating system gives normal users control over everything they need to have access to.

Don't overuse this power. If you do everything logged in as root, and you accidentally rm(1) something, it's gone. You can lose everything on your system. Someone who chances on your keyboard can get at anything on your computer. Never be logged in as the super-user.

Does everything run as the super-user?

No, that's a very silly idea. Programs can start as the super-user, get access to whatever they need to (perhaps a certain port?), and then they reliquish the access. Most good programs are written this way. If your mail server ran as root, and there was a bug in it, you could crack root access by sending mail to a computer! (That is how the CodeRed worm worked.)

If the super-user is the only person that can write to the sound card/some piece of hardware, how come I can too?

The super user can 'grant access' to certain devices. For example, in most Linux distributions, /dev/dsp (the sound card, dsp stands for Digital Signal Processor) is set up so that it is owned by root but belongs to the group 'audio', so that you can put any users that you want to be able to play sounds into the 'audio' group.

Changing to root whenever I want to do any administration is too hard! or
RedHat/MacOSX asks me for the root password whenever I try and do any configuration, can I have the same thing?

There is a program called sudo(1) that lets you perform tasks as root. You type sudo [program-name?, it optionally prompts you for password, and away you go. You can configure this so that you can perform certain super user tasks (anything using the hardware: ejecting a CD is a good example)

I never had to worry about this in Windows 9x!

That's right. Everyone is the super-user all the time in Windows 98. And indeed, if you want, you can log in as root for everything to Linux. Hopefully the above page has explained why you wouldn't want to do this. This is a choice that Linux offers you. This access model was introduced as standard in Windows NT and continues into Windows XP today.

Extra for experts: the super-user is defined by having UID 0, not by being named 'root'. If you're particularly security conscious you can rename your superuser to anything you want, and your system will just keep on ticking. However, SecurityByObscurity is pretty poor security, so you should always make sure your super-user account has a strong password that is changed regularly, on a publicly accessable computer.

CategoryBeginners