Why You Should Not Log In As Root In Linux?
What Is A Root Account?
From a Windows user perspective, it is the same as the Administrator account. Microsoft tried to improve its security by introducing UAC, even if you are logged in as an Administrator.
In Linux, there is no UAC inbuilt. Hence, you should never log in as a root user. Even if you know what you are doing, you cannot be too sure that the application you are executing is safe.
Introducing sudo
The equivalent to Windows UAC for Linux is sudo. It stands for "superuser do". It will execute commands with the security privileges of another user.
sudo apt update && sudo apt upgrade -y
How Does This Minimise Damage?
Any command or application running on a normal user account will not be able to modify system files without gaining root permissions. They can only write to your /home/<user>/ folder. This will also prevent the user from accidentally modifying a system folder too.
For example, John received a script that does the following:
- Archives the current working directory
- Uploads the archive to a remote site
- Deletes the archive
John glanced through the description, and he did not have the time to inspect the code for malicious intent. But, don't worry, I did that too, once.
He ran the code at the / root directory, but he was logged in as a root account. The script was executed, and he went to make a coffee. When he came back, all the files in the root directory were gone.
The Linux is running from the RAM at this point. He thought he was saved with the backup the script made and uploaded, but it failed to connect to the remote drive. Oh no, now he's gone.
That will not occur if he ran the script as a normal user. Linux guides are full of instructions, and copy-pasting them blindly without reading them will cause more harm to your system.
When Should I Use sudo?
You should only use sudo when running a command that modifies the system file. Most daily Linux applications do not need sudo permission. Most applications will refuse to run as sudo. This practice provides another layer of security if the application opens a malicious file; it cannot modify the system file.
Even if you know what you are doing, it is still unsafe to run as a root account. You will be bypassing much of the security design that makes Linux secure.
root == administrator without UAC
With great power comes great responsibility.