Why is it bad to log in as root?

security root administrator users

It defeats the security model that's been in place for years. Applications are meant to be run with non-administrative security (or as mere mortals) so you have to elevate their privileges to modify the underlying system. For example, you wouldn't want that recent crash of Rhythmbox to wipe out your entire /usr directory due to a bug. Or that vulnerability that was just posted in ProFTPD to allow an attacker to gain a ROOT shell.

It's just good practice on any operating system to run your applications on a user level and leave administrative tasks to the root user, and only on a per-need basis.


Just one word: security.

  1. You're logged as root = all applications are running with root privilegies -- every vulnerability in Firefox, Flash, OpenOffice etc. now can destroy your system, because possible viruses now have access everywhere. Yes, there are only few viruses for Ubuntu/Linux, but it's also because of good security and default unprivileged user.
  2. It's not only about viruses -- small bug in an application could erase some system files or...
  3. When your're logged as root, you can do everything -- the system won't ask! Do you want to format this disk? Ok, just one click and it's done, because you're root and you know what you're doing...

Running as root is bad because:

  1. Stupidity: Nothing prevents you from doing something stupid. If you try to change the system in anyway that could be harmful you need to do sudo which pretty much guarantees a pause while you are entering the password for you to realize that you are about to make a possible big/costly change.
  2. Security: It has been mentioned already quite a few times in this question but basically it's the same thing, harder to hack if you dont know the admin user's login account. root means you already have one half of the working set of admin credentials.
  3. You don't really need it: If you need to run several commands as root and you are annoyed by having to enter your password several times when sudo has expired all you need to do is sudo -i and you are now root. Want to run some commands using pipes? Then use sudo sh -c "comand1 | command2".
  4. You can always use it in the recovery console: The recovery console allows you to try and recover from doing something stupid or fixing a problem caused by an app (which you still had to run as sudo :)) Ubuntu doesn't have a password for the root account in this case but you can search online for changing that, this will make it harder for anyone that has physical access to your box to be able to do harm.

The reason why you couldn't find information about why it's bad is because, well, there is way too much data in the internet :) and that a lot of people that have been using Linux for a long time think like you do. This way of thinking about the root account is fairly new (a decade maybe?) and a lot of people still get annoyed by having to use sudo. Especially if they are working on a server which means they went in with the intention to make system changes. Probably brought on from previous bad experiences and security standards most sysadmins know better but they still don't like it :).

Related

How do I get permissions to edit system configuration files?
What is the difference between "gksudo nautilus" and "sudo nautilus"?
How do I reset GNOME to the defaults?
How to share files through the local network?
Is Ubuntu compatible with my hardware? [duplicate]
"dev/sda1: clean, ..." This message appears after I startup my laptop, then it won't continue booting
How to enable root login?
How to install Ubuntu on portable external Hard Drive?
How to run sudo command with no password?
How can I remove Amazon search results from the dash or disable the feature?
How can I update all Snap packages?
How do I remap certain keys or devices?