Should the root account be disabled in Fedora 18?

In Linux and other UNIX-like computer operating systems, the root account is the administrator account. A user with root privileges can perform many tasks that a standard user account cannot. In current editions of Fedora 17, the idea of a disabled root account is a foreign one.

But come Fedora 18, the next stable release, the root account will be disabled by default. It is one of the many new features of Anaconda, the Fedora system installation program. That at least is what you see in the just released Fedora 18 Alpha.

In this screen shot, which from the main interface of Anaconda, you can see below the ROOT PASSWORD button, though not readily legible, a 4-word phrase that says, root account is disabled.
Fedora 18 Root Account

Clicking on the root account button in the previous image automatically enables it, provided you specify the password.
Fedora 18 Root Passwd

With the root account disabled, the user created during the installation process is assigned to the Administrators group by default. This, of course, gives this user all admin privileges.
Fedora 18 User Account

For visitors looking to get a site online this web hosting review site provides reviews of cheap, reliable hosting companies all of which operate in a Linux environment.

The thing that I do not understand is, why is it even necessary to disable the root account? Is there any disadvantage to having a system with the traditional root account enabled? I cannot think of any reasonable one, can you?

Related Posts

Cinnamon proposed to replace GNOME Shell as default DE on Fedora 19 It was lobbying by the GNOME devs that made GNOME 3 the default on Fedora, but now it seems that somebody has had enough. That somebody has proposed m...
How to install Steam Client on Fedora 20 This tutorial shows how to install Steam on Fedora 20 (install Steam on Fedora 20). Fedora 20 is the latest edition of the popular, multi-purpose Linu...
How to customize Cinnamon on Fedora 16 and Linux Mint 12 Cinnamon is a fork of GNOME 3 Shell by the developers of Linux Mint. If this is news to you, you might want to read "What does Cinnamon bring to the d...
tboot in Fedora 19: Don’t worry, it’s just a bug After installing Fedora 19 beta and rebooting my test computer, I noticed that one of the options available in GRUB's menu is tboot 1.7.0. Not sure wh...
How to enable the btrfs Anaconda option on Fedora 13 Fedora 13 is one of a handful of Linux distributions with support for btrfs, the B-tree File System, one of the newest file systems in the Linux kerne...
How to use fedora-tools image for Fedora Atomic Host Fedora Atomic Host is a container-native version of the Fedora distribution. It is one of several operating systems expressly designed for running con...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at ContainerizeThis.com

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


101 Comments

  1. Disabling root is just more security through obscurity. It doesn’t really make the system more secure — in fact by encouraging the proliferation of superuser accounts (via sudo) I would argue it makes the system marginally less secure. It’s an idea that sounds good at first but actually turns out to be one more complication in an already overly complex system. The real answer is better audit logging and, most importantly, changing the root password periodically (maybe even without advance warning). It is much more practical (and efficient) to keep track of password expiration and usage of one superuser account (root) across 100’s of machines machines than 20 or 30 on the same number, which is actually on the low side for the number of sysadmins who might need root privileges in many enterprise shops.

Leave a Comment

Your email address will not be published. Required fields are marked *

*