Security Guide

The Root Account

The root account has virtually unlimited access to all programs, files, and resources on a system. The root account is more properly known as the superuser. The superuser is the special user in the /etc/passwd file with the userid (UID) of 0. This user is commonly given the username root. So, it is not the username that makes the root account so special, but the UID value of 0. This means that any user that has a UID of 0 also has the same privileges as the superuser. Also, the root account is always authenticated by means of the local security files.

The root account should always have a password, and that password should never be shared. The root account should be given a password immediately after the system is installed. Only the system administrator should know the root password. System administrators should only operate as root to perform system administration functions that require root privileges. For all other operations, they should return to their normal user account. Routinely operating as root can result in damage to the system as the root account overrides many safeguards in the system.

Disabling Direct root Login

A common attack method is to obtain the superuser, or root, password.

To avoid this type of attack, you can disable direct access to your root ID and then require your system administrators to obtain superuser privileges by using the su - command. In addition to allowing you to remove the root user as a point of attack, restricting direct root access allows you to monitor which users gained superuser access, as well as the time of their action. You can do this by viewing the /var/adm/sulog file. Another alternative is to enable system auditing, which will report this type of activity.

To disable remote login access for your root user, edit the /etc/security/user file. Specify false as the rlogin value on the entry for root.

Before you disable the remote root login, examine and plan for situations that would prevent a system administrator from logging in under a non-root user ID. For example, if a user's home file system is full, then the user would not be able to log in. If the remote root login were disabled and the user who could su - to root had a full home file system, then root could never take control of the system. System administrators can avoid this issue by creating home file systems for themselves that are larger than the average user's file system.
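Two checks that follow from this section, as an added example (not part of the original guide): list every account with UID 0 in a passwd-format file, and report the effective rlogin value for a user from a file in /etc/security/user stanza format. The sample files and the accounts toor and alice are constructed, and treating an unset rlogin attribute as true is an assumption.

```sh
#!/bin/sh
# Added example. File paths are arguments so the checks can run on copies.
# List every account whose UID (3rd field of a passwd-format file) is 0.
uid0_accounts() {
    awk -F: '$1 !~ /^#/ && $3 ~ /^0+$/ { print $1 }' "$1"
}

# Effective rlogin value for user $2 in stanza file $1: the user's own stanza
# wins, then "default". Assumption: an unset attribute is treated as true.
effective_rlogin() {
    awk -v user="$2" '
        /^[ \t]*\*/ { next }                          # "*" starts a comment
        /^[^ \t:]+:[ \t]*$/ { sub(/:.*/, ""); stanza = $0; next }
        /^[ \t]+rlogin[ \t]*=/ {
            v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
            val[stanza] = v
        }
        END {
            if (user in val) print val[user]
            else if ("default" in val) print val["default"]
            else print "true"
        }' "$1"
}

# Constructed sample files (not taken from a real system).
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/passwd" <<'EOF'
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
alice:!:204:1::/home/alice:/usr/bin/ksh
toor:!:0:0::/home/toor:/usr/bin/ksh
EOF
cat > "$SAMPLES/user" <<'EOF'
* constructed excerpt in /etc/security/user stanza format
default:
    admin = false
    rlogin = true

root:
    admin = true
    rlogin = false

alice:
    admin = false
EOF
echo "UID 0 accounts:" $(uid0_accounts "$SAMPLES/passwd")
for u in root alice; do
    echo "rlogin for $u: $(effective_rlogin "$SAMPLES/user" "$u")"
done
```

Any name other than root in the first report holds full superuser privileges, and it is not covered by the rlogin setting on the root stanza.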

For more information on controlling root login, see Administration and User and Port Configuration.