Root access and the root user

You might have heard of the concept of “superuser”. This is something quite similar to an “Administrator” account on Windows, a superuser has access to everything, and can control, and modify (or even break) the system.

Linux’s (and most UNIX-like systems’) superior security partially comes from the fact that average users have a limited scope. This means, that the average user account cannot modify the system, can only run installed applications, but cannot install or remove new ones, or even upgrade the system. This has an obvious advantage of malicious files (like malware or viruses) not being able to be accidentally executed by the user. Also, the user usually has write access to a limited set of files, mostly their own documents (reside inside their home directory), or any external device he has access to. This means that while a user can open and read the contents of most system files, they cannot modify these.

Linux systems have a root user. This is the built-in super-user account. While theoretically any user would be furnished with similar super-cow-powers, it would make little practical sense, especially form a security point of view. The root user can update the system, install and remove software, and have read/write access to every (or almost every) file on a system. Cool, isn’t it?

On Debian, the root user has a password too, one can log in as “root”, with the root password, and wreak havoc on the fresh installation. This is a bad participate and considered dangerous (one can easily turn the system into an unusable pile of code that will not even start, so it is best to keep away from it.