Mason Firewall

This page printed from: https://www.linuxmonth.com/issue3/articles/whynotroot/whynotroot.html?print=1

Top Ten Reasons Why You Shouldn't Log in as Root
by: William Stearns
Regular Edition

I've had some requests in the past about access to the root password on some systems. I understand the attraction of using the root account; one gets instant access to any file on the system, without the annoying access rights problems. It's also convenient to use when installing new software, because those programs generally need to go into directories where only root can write.

Picture the root password as much like a skeleton key to a building that also opens any desk drawer or filing cabinet. Who would get that? The janitor, perhaps a building administrator, maybe one or two other people. But not everyone; as a programmer, I certainly don't need access to the private offices or records storage, for example.

Those people that get that key would need to be trusted in the first place, and in some cases they're bonded as an assurance that they won't abuse that privilege by copying personnel records in the HR office.

Background out of the way, here are the Top Ten Reasons Why You Shouldn't Log in as Root:

10 By running programs as root, you've disabled all the protections that make Linux less vulnerable to viruses than other operating systems.
 
9 How is the sysadmin supposed to live on her base salary once the bribes stop coming in?
 
8 The security permissions are designed to protect the privacy of information in the system.
 
7 The security permissions are designed to make your day as frustrating as possible.
 
6 The system administrator can set up directories that allow groups of people to collaborate on files.
 
5 Won't you be disappointed when you find out that the root password has been "wizard" all this time?
 
4 Running programs as a normal user limits their damage if they have intentional or unintentional security holes.
 
3 The six month background check gets really tiring when fourth cousins start to complain about the NSA surveillance.
 
2 One typo can wipe out other people's files in addition to your own. That's not some theoretical possibility; it really does happen. Trust me.
 
...and the number one reason is...
 
1 I could tell you, but then I'd have to kill you!

William is an Open-Source developer, enthusiast, and advocate from Vermont, USA.


Other Articles by William Stearns

How will you spend your lunch hour?
The Real Issue with LinuxOne
Sshhh, somebody might hear you!
Recovering Deleted Files with "mc"
SSH Techniques
The Open Source Tech Support Partnership
Sudo and other ways to avoid root!
Netcat - Network Connection Made Easy