Linux has a lot of security measures in place that are meant to protect your system from threats and sometimes (admittedly) our own stupidity. There are three main features that exist to limit and provide access as needed — file permissions, file ownership, and the root user account.
Although widely known as the super user account, SU actually refers to substitute user, and instructs the computer to execute commands with the file permissions of another user, by default the root account. This shortcut is a powerful tool that can be very helpful when used correctly or absolutely devastating if used recklessly.
Today, we’re going to go into deeper detail about SU and why you should be responsible when using it.
All of the major operating systems have the concept of an administrator account, offering heightened privileges compared to otherwise “normal” user accounts. Normal users have access to their own files but not to other users’ files, and they have only read-only access to system files so that they can run installed applications.
Administrators, on the other hand, can change system files, which includes installation of new or updated applications, and can (usually) see other users’ files.
Simple enough, right? Sure, the concepts are quite easy to understand, but they have further-reaching implications than just that. Administrators, who presumably know more about what they’re doing, can make more major changes to a system without it breaking or leaking sensitive data. Normal users without these permissions cannot perform these tasks, so there’s little chance that those users will break the system.
On most systems with just one user, that user is often the administrator and can do whatever they want with their computer. This is a hierarchy of one, so no third party needs to be present as administrator. However, whenever users have access to these system privileges all the time, they tend to use them blindly, simply accepting requests for admin rights without thinking it through.
The Super User Account On Linux
Linux takes a different approach to handling these administrative privileges. Instead of assigning admin rights to user accounts, Linux separates these into two different accounts: the SU account (sometimes called root) and then your normal user account. The idea is that if you need to do something that requires elevated privileges, you can use the SU command and do whatever you need to do.
At least psychologically speaking, this method forces you to realize that you’re doing something more serious to your system as it won’t let you do it without using SU.
To switch, you just need to open up a terminal and type in
It will then ask for the root password to grant you access. If you use sudo, you can also run
which will open up bash (simply another instance of the terminal) but on behalf of the root.
Separating these accounts also helps with managing systems. If a system administrator needs access to the system to make changes, but they aren’t a regular user, they just need to use SU and they won’t have to make a normal user account. These accounts can have different passwords, so only people who try to switch with SU and know the password will get in.
The root account is really powerful, so it should feel like a big deal if you need to switch into it. As root, you can delete your entire system in one terminal command. As a normal user, the system wouldn’t let you do that because you don’t have access to modify any files outside of your home folder. Any damage that you do as a normal user stays contained within that domain — it doesn’t affect the system or any other users.
It’s also a great defense mechanism against malware. If malware happens to get on your system and execute, it will have the same permissions as your normal user account. It could only gain additional rights if it knew the root password. So while it could destroy your space on the system, it cannot bring down the entire system. On rare occasions, bugs are found where software could gain root access in ways that it’s not supposed to, but those bugs usually get patched up in just a couple days.
SU vs. Sudo
Having to use SU can be a bit annoying for some, so the sudo command was invented. Short for “SU do”, this command can prefix any other command that you want to run as root while still logged in as your normal user. The SU just needs to place your normal user account in the “sudoers” group, and then you’re allowed by the system to use the sudo command. All it requires is that you type in your normal user password before the command executes. Of course, you’ll also need to learn which commands you need to put sudo in front of.
Some distributions prefer to use sudo and then disable SU because a normal user using sudo isn’t actively using elevated privileges all the time, unlike someone using the SU command. It also tries to avoid the problem of zero-day security holes that allow unintended root access because the command is disabled to begin with. Finally, by using sudo, the malware would have to guess the user’s password before it could gain elevated privileges.
The problem with sudo, however, is the same as on other operating systems. Users with access to sudo tend to use it blindly and without much additional thought. Again, this is usually fine for systems that are only used by a single user anyway, or systems with a small number of users and an even smaller number of them with sudo access. But larger systems should probably leave sudo alone and stick with just SU and normal accounts.
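One way to check how small that set of sudo-capable accounts really is, shown as an added example that is not part of the original article: the script below lists members of the groups that usually grant sudo and every account with UID 0. The group names (sudo, wheel, admin), the function names and the sample data are assumptions; on a real host, pass /etc/group and /etc/passwd to the functions instead.

```shell
#!/bin/sh
# Added example: list who can reach root, reading group- and passwd-format files.
# Limits: only supplementary group membership is checked; per-user rules in
# the sudoers file and accounts whose primary group grants sudo are not covered.

# Print "group:user" for each member of the groups that commonly grant sudo.
# Assumption: the granting group is named sudo, wheel or admin.
sudo_group_members() {
    awk -F: '$1 ~ /^(sudo|wheel|admin)$/ && $4 != "" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) print $1 ":" m[i]
    }' "$1" | sort -u
}

# Print every account whose UID is 0. Anything besides root deserves a look,
# because such an account has root's rights without needing SU or sudo at all.
uid0_accounts() {
    awk -F: '$3 == 0 { print $1 }' "$1" | sort
}

# Constructed sample input (not taken from a real system).
sample_dir=$(mktemp -d)
cat > "$sample_dir/group" <<'EOF'
root:x:0:
sudo:x:27:alice,bob
wheel:x:10:
users:x:100:alice,bob,carol
EOF
cat > "$sample_dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
toor:x:0:0::/root:/bin/sh
carol:x:1002:1002::/home/carol:/bin/bash
EOF

echo "sudo-capable accounts:"
sudo_group_members "$sample_dir/group"
echo "UID 0 accounts:"
uid0_accounts "$sample_dir/passwd"
```

In the sample data, carol is an ordinary user, alice and bob can use sudo, and the extra UID 0 account is the kind of entry a review should flag.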
Security In Mind
So, quick review: SU is great because it encourages fewer mistakes, but it’s still powerful and should only be used by the right people (depending on what system you’re using). Sudo helps bridge the gap between root and normal users, but it has its theoretical downsides. What you end up doing is up to you (that’s the beauty of Linux!), but it definitely helps you make better choices when you’re informed.
What do you think about SU and Sudo? Is there anything you would change to improve permissions and security? Let us know in the comments!