Superuser - Wikipedia
Jump to content
Checked
From Wikipedia, the free encyclopedia
This is the
latest accepted revision
reviewed
on
14 April 2026
Special user account used for system administration
For the Q&A site, see
Super User
Not to be confused with
Power user
List of user groups as displayed in
Arch Linux
. Here, the superuser is "root".
In
computing
, the
superuser
is a special
user account
used for
system administration
. Depending on the
operating system
(OS), the actual name of this account might be
root
administrator
admin
or
supervisor
. The
principle of least privilege
recommends that most users and applications run under an ordinary account to perform their work, as a superuser account is capable of making unrestricted, potentially adverse, system-wide changes.
In some cases, the actual name of the account determines whether the user is a superuser. In others, the name of the account is not the determining factor; on Unix-like systems, for example, the user with a
user identifier
(UID) of zero is the superuser [i.e., uid=0], regardless of the name of that account;
and in systems which implement a
role-based security
model, any user with the role of superuser can carry out all actions of the superuser account.
Unix and Unix-like
edit
In
Unix-like
computer OSes (such as
Linux
),
root
is the conventional name of the user who has all rights or permissions (to all files and programs) in all modes (single- or multi-user). Alternative names include
baron
in
BeOS
and
avatar
on some Unix variants.
BSD
often provides a
toor
("root" written backward) account in addition to a root account.
Regardless of the name, the superuser always has a
user ID
of 0. The root user can do many things an ordinary user cannot, such as changing the ownership of files and binding to network
ports
numbered below 1024.
The name
root
may have originated because
root
is the only user account with permission to modify the
root directory
of a Unix system. This directory was originally considered to be root's
home directory
but the UNIX
Filesystem Hierarchy Standard
now recommends that root's home be at
/root
The first process
bootstrapped
in a
Unix-like
system, usually called
init
, runs with root privileges. It spawns all other processes directly or indirectly, which inherit their parents' privileges. Only a process running as root is allowed to change its user ID to that of another user; once it has done so, there is no way back. Doing so is sometimes called
dropping root privileges
and is often done as a security measure to limit the damage from possible contamination of the process. Another case is
and other programs that ask users for credentials and in case of successful
authentication
allow them to run programs with privileges of their accounts.
It is often recommended that
root
is never used as a normal user account,
since simple
typographical errors
in entering commands can cause major damage to the system. Instead, a normal user account should be used, and then either the
su
(substitute user) or
sudo
(substitute user do) command is used. The
su
approach requires the user to know the root password, while the
sudo
method requires that the user be set up with the power to run "as root" within the
/etc/sudoers
file, typically indirectly by being made a member of the
wheel
adm
admin
, or
sudo
group.
For a number of reasons, the
sudo
approach is now generally preferred – for example it leaves an
audit trail
of who has used the command and what administrative operations they performed.
10
Some OSes, such as
macOS
and some
Linux
distributions (most notably
Ubuntu
), automatically give the initial user created the ability to run as root via
sudo
– but this is configured to ask them for their password before doing administrative actions. In some cases the actual
root
account is disabled by default, so it can't be directly used.
In mobile platform-oriented OSs such as
Apple iOS
and
Android
, superuser access is inaccessible by design, but generally the security system can be
exploited
in order to obtain it.
citation needed
In a few systems, such as
Plan 9
, there is no superuser at all.
11
Windows
edit
In
Windows NT
and later systems derived from it (such as
Windows 2000
Windows XP
Windows Server 2003
, and
Windows Vista
10
11
), there must be at least one administrator account (Windows XP and earlier) or one able to elevate privileges to superuser (Windows Vista/7/8/10/11 via
User Account Control
).
12
In Windows XP and earlier systems, there is a built-in administrator account that remains hidden when a user administrator-equivalent account exists.
13
This built-in administrator account is created with a blank password.
13
This poses security risks as local users would be able to access the computer via the built-in administrator account if the password is left blank, so the account is disabled by default in Windows Vista and later systems due to the introduction of User Account Control (UAC).
13
Remote users are unable to access the built-in administrator account.
A Windows administrator account is not an exact analogue of the
Unix
root account – Administrator, the built-in administrator account, and a user administrator account have the same level of privileges. The default user account created in Windows systems is an administrator account. Unlike macOS, Linux, and Windows Vista/7/8/10 administrator accounts, administrator accounts in Windows systems without UAC do not insulate the system from most of the pitfalls of full root access. One of these pitfalls includes decreased resilience to malware infections. To avoid this and maintain optimal system security on pre-UAC Windows systems, it is recommended to simply authenticate when necessary from a standard user account, either via a password set to the built-in administrator account, or another administrator account.
In Windows Vista/7/8/10/11 administrator accounts, a prompt will appear to authenticate running a process with elevated privileges. Usually, no user credentials are required to authenticate the UAC prompt in administrator accounts but authenticating the UAC prompt requires entering the username and password of an administrator in standard user accounts. In Windows XP (and earlier systems) administrator accounts, authentication is not required to run a process with elevated privileges. This poses a security risk that led to the development of UAC. Users can set a process to run with elevated privileges from standard accounts by setting the process to "run as administrator" or using the
runas
command and authenticating the prompt with credentials (username and password) of an administrator account. Much of the benefit of authenticating from a standard account is negated if the administrator account's credentials being used has a blank password (as in the built-in administrator account in Windows XP and earlier systems), hence why it is recommended to set a password for the built-in administrator account.
In
Windows NT
, 2000 and higher, the root user is the Administrator account.
14
Novell NetWare
edit
In
Novell NetWare
, the superuser was called "supervisor",
15
later "admin".
OpenVMS
edit
In OpenVMS, "SYSTEM" is the superuser account for the OS.
Older personal systems
edit
On most personal computers from the 1970s and 1980s, anyone using the system has full privileges, and there is no concept of user accounts.
Windows 95
allows multiple accounts, so that each can have its own preferences profile; each user still has full administrative control over the machine.
See also
edit
Hypervisor
Jailbreaking (iOS)
nobody (username)
passwd
Power user
Privilege escalation
Rooting (Android OS)
Rootkit
sudo
Wheel (computing)
References
edit
"getpwid"
opengroup.org
Archived
from the original on 22 August 2015
. Retrieved
12 January
2019
The Jargon File (version 4.4.7)
Archived
2021-04-18 at the
Wayback Machine
, catb.org
"What is this UID 0 toor account?"
Archived
2020-12-22 at the
Wayback Machine
, freebsd.org
"What is root? - definition by The Linux Information Project"
. LINFO.
Archived
from the original on 2021-05-08
. Retrieved
2012-08-07
"/root : Home directory for the root user (optional)"
Archived
from the original on 2005-05-25
. Retrieved
2015-05-11
"Rootsudo"
ubuntu.com
Archived
from the original on 5 November 2011
. Retrieved
16 September
2015
"4.4. Administrative Controls"
redhat.com
Archived
from the original on 5 June 2015
. Retrieved
16 September
2015
"2.3. Configuring sudo Access"
redhat.com
. Archived from
the original
on 2019-12-22
. Retrieved
16 September
2015
"difference adm - root"
Archived
from the original on 5 November 2016
. Retrieved
1 August
2016
Brian Wotring (2005).
Host Integrity Monitoring Using Osiris and Samhain
. Elsevier. p. 32.
ISBN
978-0-08-048894-3
Archived
from the original on 2024-05-24
. Retrieved
2018-12-17
Cox, Russ; Grosse2, Eric;
Pike, Rob
; Presotto, Dave; Quinlan, Sean,
Security in Plan 9
Bell Labs
, archived from
the original
on 11 July 2018
{{
citation
}}
: CS1 maint: numeric names: authors list (
link
"Microsoft Corporation"
. Microsoft.com.
Archived
from the original on 2012-07-11
. Retrieved
2012-08-07
"Enable and Disable the Built-in Administrator Account"
. microsoft.com. 25 July 2008.
Archived
from the original on 2013-11-27
. Retrieved
2014-02-26
"The LocalSystem Account"
microsoft.com
. Microsoft.
Archived
from the original on 13 March 2016
. Retrieved
16 September
2015
"Supervisor (Bindery) User Created on Every NetWare 4 Server"
Archived
2017-11-07 at the
Wayback Machine
, 01 Feb 1996, novell.com
External links
edit
Look up
superuser
in Wiktionary, the free dictionary.
root Definition
– by The Linux Information Project (LINFO)
An Introduction to Mac OS X Security
Retrieved from "
Categories
System administration
Operating system security
Hidden categories:
Webarchive template wayback links
CS1 maint: numeric names: authors list
Wikipedia pending changes protected pages
Articles with short description
Short description matches Wikidata
All articles with unsourced statements
Articles with unsourced statements from June 2022
Superuser
Add topic
US