I'm new to server learning and just started with AWS VPC. So the reading materials I have been reading are mainly from AWS.

I can't wrap my head around the concept of deleting root and creating another user with the same privileges as root.

  1. Why can't we just keep root as root?
  2. Don't root and the user with root privileges both log in in a similar way? It is not that they use different methods to log in, have access to different sections of files, etc. So why would keeping root access be considered insecure?
Organic Heart
  • Where did you get the idea that *"deleting root and creating another user with the same privileges as root"* was a best practice? Please provide links to the documentation. I suspect this is a misunderstanding. – Michael - sqlbot Mar 14 '20 at 15:56
  • Certainly not a misunderstanding @Michael-sqlbot. It is a required step by AWS. There are a few steps that need to be completed before proceeding with setting up an IAM user. *Removing* root access is one. I used the wrong word in the post, as pointed out by gnuuu. It is *removing*, not *deleting*. – Organic Heart Mar 14 '20 at 22:27
  • @Michael-sqlbot I've just learned that root and the administrator don't have exactly the same privileges. So yes, in that sense I have misunderstood it. – Organic Heart Mar 14 '20 at 22:48
  • So it sounds like you are asking about the [AWS root account](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html) ... but the answer you have accepted actually appears to assume that you are asking about the [Unix superuser](https://en.m.wikipedia.org/wiki/Superuser) which actually has the username `root`. The 'system' referred to there is a server. – Michael - sqlbot Mar 15 '20 at 01:15
  • Thanks @Michael-sqlbot so AWS root account is not the same as any other root? – Organic Heart Mar 15 '20 at 06:07
  • You really need your question to be much more precise, with links to exactly what you think is deleting the root user. You never delete the AWS account root user or you lose account access, but you do usually create an admin user for day-to-day use. Within a Linux server, do whatever you like. – Tim Mar 15 '20 at 07:00

2 Answers

Usually users that have the ability to run commands as root need to do this through the use of a program like `sudo`. Running commands as root that do not need to be run as root can be very dangerous, as root has the ability to manage system files, install/uninstall packages, access (hashed) user passwords in `/etc/shadow`, and do virtually everything on a system. However, root is not "deleted", as you say, but access is disabled, possibly through ssh via the `PermitRootLogin` option.

In addition, suppose there is an exploit in a piece of software you are running that allows, say, a remote shell to be accessed on your computer. If you were running as root, it would be able to do anything on your computer with no restrictions. But as a normal user, it wouldn't be able to do anything, as `sudo` by default requires a password to be able to run a command as root.

Some safeguards are in place to prevent you from totally destroying your computer involuntarily, such as `rm -rf /` requiring `--no-preserve-root`. But these are not foolproof measures, and if you were running as root and accidentally changed to the `/` directory and ran `rm -rf *`, you would be in trouble. On the other hand, user accounts typically only have write access to their home folders, giving you time to exit the command and keep your files.

  • Thanks for pointing out the differences between the root and administrative user. I have assumed that they were actually the same and hence the start of the confusion. – Organic Heart Mar 14 '20 at 22:46
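
As an added example (not part of the original answers), here is one way to check what the `PermitRootLogin` option mentioned above actually resolves to in an `sshd_config`. It assumes upstream OpenSSH behaviour (the first value read for a keyword wins, `Match` blocks can override it, and the default is `prohibit-password`); the function names and the sample config are constructed for illustration, and `Include` files are not followed.

```python
import re

# Upstream OpenSSH default (7.0+) when the keyword is never set; distro builds may differ.
DEFAULT = "prohibit-password"
MEANING = {
    "yes": "root may log in, including with a password",
    "prohibit-password": "root may log in with a key, not a password",
    "without-password": "deprecated alias of prohibit-password",
    "forced-commands-only": "root key login only where the key has a forced command",
}

def _directives(text):
    """Yield (lowercased keyword, argument) for each non-comment config line."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        m = re.match(r"(\S+?)(?:\s*=\s*|\s+)(.*)$", line)
        if m:
            yield m.group(1).lower(), m.group(2).strip().strip('"')

def root_login_policy(text):
    """Return (global value, [(match criteria, value), ...]) for PermitRootLogin."""
    global_value, overrides, current_match = None, [], None
    for key, arg in _directives(text):
        if key == "match":
            current_match = arg            # every later line belongs to this block
        elif key == "permitrootlogin":
            if current_match is not None:
                overrides.append((current_match, arg))
            elif global_value is None:     # first global value wins, duplicates ignored
                global_value = arg
    return global_value or DEFAULT, overrides

def report(text):
    """List every scope where root can still log in over SSH (empty list = disabled)."""
    glob, overrides = root_login_policy(text)
    scopes = [("global", glob)] + [(f"Match {c}", v) for c, v in overrides]
    return [f"{s}: PermitRootLogin {v} ({MEANING.get(v, 'unrecognised value')})"
            for s, v in scopes if v != "no"]

# Constructed sample config, not taken from the page.
SAMPLE = """\
PermitRootLogin no
# A later duplicate is ignored: sshd keeps the first value it reads.
PermitRootLogin yes
Match Address 10.0.0.0/8
    PermitRootLogin prohibit-password
"""

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)) or "root SSH login is disabled in every scope")
```

On a live host, `sshd -T` (run as root) prints the effective configuration, including any `Include` files, and is the authoritative check.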

Although what @gnuu says is correct, I would answer differently. The reasons I would give are:

  • If more than one person has access to the system, forcing them to log in with an account other than "root" helps with auditing and accountability (this assumes non-malicious root users or network authentication and/or external logging).

  • It enforces best practices, like the principle of least access. This focuses the user on the risks associated with using their root privileges. It also encourages systems like `sudo`, which can be set up to do a limited subset of root activities to mitigate risk.

  • It encourages - as far as possible - setting up services to not run as root, which is a security win.

  • It may frustrate brute force attempts against the root account.

(It is fully possible to set up a system with root access that avoids all these pitfalls)

davidgo
  • What you said has just made sense to me now. Because this is just for learning purposes, and I am the only one using the server, I'm seeing it as me, as the root, needing to remove the root access and create another user for myself again. I've neglected the real-world application where there are more people accessing it. – Organic Heart Mar 14 '20 at 22:34