Friday, November 2, 2007

Understanding Root and User Accounts.

If you read my brief history of Linux post, you learned that Linux is actually two operating systems, GNU and Linux. These two merged to become GNU/Linux, which we now simply call Linux. And GNU, which stands for GNU's Not Unix , was patterned after the Unix operating system.

Unix was set up to be a multi-user operating system. And Linux is the same way. It is a true multi-user operating system. Each user can have his/her own distinct, unique account. The settings, wallpapers, tool bars, etc. can be specifically tailored by each user and never intrude on another user's account. And each user's documents and data are secure within their account. Unless you know the other user's password, you're not going to be able to access those documents. So, a family of four (Dad, mom, brother, and sister) can each run their own user account in Linux without having to worry about losing their data because another family member was using the computer.

The only way any user can have access to everything on a Linux computer is if they are running the Root account. The Root account is also known as the Administrator account. This account is all knowing, all seeing and has access to EVERYTHING. When Linux first installs and sets up on your computer, it creates a user account. During this set up, Linux also allows the first user (the person installing and setting up the system) to create a unique password to access the root account. But, everyone using the Linux system does so at the user level. In order to access files and data system wide, a user needs to have the Root password to gain access to the upper administrator (Root) level. In this way, a user without Root access cannot install a malicious program or virus system wide or accidentally delete other users' documents, files, or data.

The administrator (Root) can control permissions for all other users. For instance, Mom or Dad (running Root administration) can block the kids from installing software. They could also determine many other permissions for the children's user accounts. The administrator can really lock things down or open them up. Linux is quite powerful in this regard.

Contrast this to Windows XP, where EVERYONE with a user account, by default, actually runs at the administrator level. This is why, when dad sits down to use the family Windows computer, he can't understand why his browser is suddenly displaying a million pop up ads (how many friends do you know have complained about this exact situation?) It's because the previous user was using the system (in their own account) and accidentally installed a piece of spy ware or Trojan. Even though they may have been running their own account, the malicious program was installed system wide because all Windows XP accounts are set up, by default, at the administrator level.

By the way, Linux is immune to Windows' viruses, Trojans and spy ware.

But, let's just say that a user running Linux did something to corrupt their browser in some way. Well, the problem would be confined to their account only. This time, when Dad sits down to use his account on the family Linux computer, everything works. His account, data and files are all secure and completely separate from all other users' accounts.

Root and user accounts. One of the many reasons why Linux is so powerful and secure. And better than Windows.

No comments: