A-Z Popular Blog Security Search »
Information Security
 Advertisements
Related Guides
Authorization
Confidential Information

Cybersecurity Risk

Network Security

Personal Data

What is Root Access?

 , April 11, 2018
Root access is authorization to execute any command and access any resource on a device.

Linux

Root access is specific to unix, linux and linux-like systems such as android. A large number of devices run on proprietary formats of linux.

Superuser

A superuser is a generic term for the user on an operating system that has full privileges. On linux, this user is almost always root. Other operating systems have similar users such as the administrator account on windows.

User Id 0

Root has the user id 0 on linux systems. In some cases, it is possible to have another name for the root account. This should result in the same level of privileges as long as the user id is 0.

Root Group

Root group is a user group on linux systems associated with the root account. It is common to set file permissions on linux such that only members of the root group can read, write or execute most files. Any number of users can belong to the root group. However, this does not give you the same level of privileges as being the root user.

Sudo

Sudo is a linux command that allows you to run commands as another user, by default root. This is a way to give all users temporary root access. In order to run sudo your user needs to be registered in a configuration file, often located at /etc/sudoers.

Principle of Least Privilege

The principle of least privilege is a foundational information security guideline that states that each user should be given the minimum permissions possible that allow them to do what they need to do. For example, it is a best practice for administrators to use their own user id and sudo. If you are logged on as root it is possible to make terrible mistakes such as deleting your root directory or important system files.

Privileged Account

A privileged account is any user on an operating system that has authorization to perform tasks that are considered administrative such as changing system files. Root is the most privileged account. Any account that can do sudo is just as privileged. There are other ways to grant limited privileges to an account such as adding an account to the root group so that it has access to a large number of files.

Processes

All processes run as a user. As such, the same restrictions and privileges that apply to people apply to processes. If you run software as root user, it is important to trust that software. For example, it is possible for a process running as root to grant root access to a person by opening a user interface such as a terminal emulator.

Rooting

Rooting is the process of obtaining root access on a device. Historically, if you owned a linux device you were typically were granted root access as the device was yours. Some modern devices do not provide root access to owners of the device. This is done for security or to control devices for commercial purposes such as requiring users to obtain all software through an online store. Some device manufacturers provide official rooting procedures for advanced users who want to control their device. In cases where rooting is not supported by the manufacturer, users often design their own procedures and share them. This can be dangerous as the manufacturer may detect this and disable your device. If you want root access, the best way is to buy a device that supports rooting or provides you with root permissions out of the box.

Notes

Generally speaking, root access should only be used if you know what you are doing and even then it should be minimized. However, root access is required to learn about system administration and other computing pursuits such as software development. In practice, many administrators and software developers spend a lot of time logged in as root and only occasionally make huge mistakes.
Overview: Root Access
Type
Definition
Authorization to execute any command and access any resource on a device.
Related Concepts

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Confidential Information
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cryptography
Cybersecurity Risk
Data Breach
Data Remanence
Data Room
Data Security
Deep Magic
Defense In Depth
Degaussing
Digital Identity
Failure Of Imagination
Geofencing
Hardening
Honeypot
Incident Response
IoT Security
Key Stretching
Network Security
Non-repudiation
Nonce
Operations Security
Overlay Network
Password Entropy
Password Fatigue
Proof Of Work
Sandbox
Secure Code Review
Security As A Service
Security Controls
Zero-day
More ...
If you enjoyed this page, please consider bookmarking Simplicable.
 

Authentication vs Authorization

A few examples of the difference between authentication and authorization.

Organizational Unit

An overview of organizational units (OUs).

Tokens

A definition of token with examples.

Information Security

A list of information security considerations.

Technology Risk Management

A reasonably comprehensive overview of technology risk management.

Not Applicable

The definition of not applicable or N/A with examples.

Patch Management

An overview of patch management with examples.

Air Gap

The definition of air gap with examples.

Offline Software

The definition of offline software with examples.

Personal Data Types

A list of the common types of personal data.

Digital Preservation

The definition of digital preservation with examples.

IT Gaps

An overview of IT gaps with examples.

IT Modernization

An overview of IT modernization with examples.

Network Security

An extensive list of network security techniques.

Cybersecurity Risk

An overview of cybersecurity risk at the organizational level.

IoT Security

The unique problem of security the internet of things.
The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map