What’s wrong with always being root?

If you’re logged in as root, you can easily wipe directories or do something that in retrospect is really dumb on the system with the flip of a finger, while as a user you normally have to put a few extra mental cycles into what you’re typing before doing something that is dangerous.

Also any program you run as root as root privileges, meaning if someone or something gets you to run/compile/browse a website that is dangerous and wants to damage your system, such as a trojan or other malware, it has full access to your system and can do what it wants, including access to TCP ports below 1024 (so it can turn your system into a remailer without your knowledge, for example).

Basically you’re kind of asking for trouble that logging in as yourself may prevent. I’ve known many people that ended up being glad they had that safety net in a moment of carelessness.

EDIT: There is also the issue of root being the most well known, thus an easy target, for scripts and hacks. Systems that disable the account and instead force users to use sudo means that any attempt to crack root from ssh or a local exploit to the account are banging their heads against a wall. They’d have to guess/crack a password and username. It’s security through obscurity to a degree but it’s hard to argue that it doesn’t foil most script kiddie attacks.

Related Posts:

  1. Chmod 777 to a folder and all contents [duplicate]
  2. mysql_config not found when installing mysqldb python interface
  3. How to change permissions for a folder and its subfolders/files in one step
  4. ssh: Could not resolve hostname [hostname]: nodename nor servname provided, or not known
  5. Pseudo-terminal will not be allocated because stdin is not a terminal
  6. X11 forwarding request failed on channel 0
  7. How to change permissions for a folder and its subfolders/files in one step
  8. mysql_config not found when installing mysqldb python interface
  9. Pseudo-terminal will not be allocated because stdin is not a terminal
  10. How to download a file from server using SSH?
  11. connect to host localhost port 22: Connection refused
  12. Getting stty: standard input: Inappropriate ioctl for device when using scp through an ssh tunnel
  13. cd into directory without having permission
  14. EC2 ssh Permission denied (publickey,gssapi-keyex,gssapi-with-mic)
  15. How to configure WP filesystem access in Linux (Ubuntu Server)?
  16. WordPress can’t find temporary folder, but folder it’s looking at has correct permissions
  17. WordPress Update – This is usually due to inconsistent file permissions.: wp-admin/includes/update-core.php
  18. WordPress sites being filled with random PHP files
  19. What permissions should my website files/folders have on a Linux webserver?
  20. Can I automatically add a new host to known_hosts?
  21. Can I nohup/screen an already-started process?
  22. Why is “chmod -R 777 /” destructive?
  23. Permission denied (publickey). SSH from local Ubuntu to Amazon EC2 server
  24. Is it normal to get hundreds of break-in attempts per day?
  25. How to reconnect to a disconnected ssh session
  26. how to disable SSH login with password for some users?
  27. Keeping a linux process running after I logout
  28. How to check if an RSA public / private key pair match
  29. how do you create an ssh key for another user?
  30. Why does sudo command take long to execute?
  31. “POSSIBLE BREAK-IN ATTEMPT!” in /var/log/secure — what does this mean?
  32. Does getting disconnected from an SSH session kill your programs?
  33. Can you have more than one ~/.ssh/config file?
  34. SSH from A through B to C, using private key on B [closed]
  35. Show all users and their groups/vice versa
  36. SSHFS mount that survives disconnect
  37. Temporarily ignore my `~/.ssh/known_hosts` file?
  38. How can I fully log all bash scripts actions?
  39. Hundreds of failed ssh logins
  40. protocol version mismatch — is your shell clean?
  41. How do I grep recursively?
  42. error: ‘Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (2)’ — Missing /var/run/mysqld/mysqld.sock
  43. “E: Unable to locate package python-pip” on Ubuntu 18.04 [duplicate]
  44. -bash: syntax error near unexpected token `newline’ for display command
  45. SSH using python script
  46. Changing the resolution of a VNC session in linux
  47. Using putty to scp from windows to Linux
  48. Building HelloWorld C++ Program in Linux with ncurses
  49. How does “cat << EOF" work in bash?
  50. tar removing leading ‘/’ from member names
  51. What is difference between arm64 and armhf?
  52. How to make and apply SVN patch?
  53. mysql_config not found when installing mysqldb python interface
  54. How to count lines in a document?
  55. What does `set -x` do?
  56. Can you Run Xcode in Linux?
  57. How to get the process ID to kill a nohup process?
  58. Writing a simple shell in C using fork/execvp
  59. Using ls to list directories and their total sizes
  60. tar: add all files and directories in current directory INCLUDING .svn and so on
  61. What does set -e mean in a bash script?
  62. Pipe to/from the clipboard in a Bash script
  63. what does -zxvf mean in tar -zxvf filename? 
  64. Retrieve last 100 lines logs
  65. Configuring Apache for localhost
  66. Android – Command not found
  67. How to use dos2unix?
  68. How to add a default include path for GCC in Linux?
  69. What does ‘bash -c’ do?
  70. How do I know the script file name in a Bash script?
  71. enable SFTP via SSH keys in wordpress
  72. How to configure both webserver and appserver for WordPress CMS?
  73. How to remove all plugins, posts, pages, and inactive themes in one line with wp-cli? WordPress bloatware removal
  74. Communcation with wordrpess and linux server [closed]
  75. How can I sort du -h output by size
  76. What exactly do the colors in htop status bars mean?
  77. How to run a server on port 80 as a normal user on Linux?
  78. Showing total progress in rsync: is it possible?
  79. How to bind MySQL server to more than one IP address?
  80. Moving an already-running process to Screen
  81. What’s the best way of handling permissions for Apache 2’s user www-data in /var/www?
  82. How to setup passwordless `sudo` on Linux?
  83. LVM dangers and caveats
  84. How to know from which yum repository a package has been installed?
  85. How do I verify the speed of my NIC?
  86. tar – Remove leading directory components on extraction
  87. Job scheduling using crontab, what will happen when computer is shutdown during that time?
  88. How to list Apache enabled modules?
  89. How can I monitor hard disk load on Linux?
  90. What’s the reverse DNS command line utility?
  91. How to add a security group to a running EC2 Instance?
  92. How bad is it really to install Linux on one big partition?
  93. How do I extract login history?
  94. Perform rsync while following sym links
  95. Why is TCP accept() performance so bad under Xen?
  96. Caching/preloading files on Linux into RAM
  97. What solutions exist to allow the use of revision control for server configuration files? [closed]
  98. Is there a way to do a remote “ls” much like “scp” does a remote copy?
  99. Dump a linux process’s memory to file
  100. What is the difference between /sbin/nologin and /bin/false?

Leave a Comment