ZDNet | Security

What a Linux root user can do – and 8 ways you should absolutely never use it


ZDNET key takeaways

  • The root account must be used with caution.
  • Run the wrong command, and disaster could strike.
  • Instead, you should always use sudo.

When I first started using Linux, there was no choice but to work with the root user. If you needed elevated permissions, you had to su to the root user and take care of things.

Most modern Linux distributions now use sudo, which temporarily gives standard users administration rights. This approach is more secure because you’re not logging in to the root user account and leaving it open. 

In some distributions, such as Ubuntu, the root user account is disabled by default to provide additional security.

Even though the root user account is disabled, it’s still accessible. You enable it by simply setting a password for the account. But what can that root account do? The answer is quite a lot.

What root can do

Access

The root user can execute any command on a system. Root can also execute those commands with zero restrictions. This capability applies to both command-line and GUI tools.

The root user also has unrestricted access to every file and folder on the system, regardless of permissions. The root user can access (read, write, delete) important directories, such as /etc/, /usr/bin, /usr/sbin/, /boot, and more. In addition, the root account can access users’ home directories and all the data in them.

Root can also modify system configurations. That ability applies to both system-wide configurations and user-specific configurations.

User management

The root user can create users, delete users, change user permissions, manage groups, modify user groups, and alter file/folder ownership.

Apps

Root can install and remove applications, as well as update and patch the system.

Maintenance

The root user can manage system services. Those services can be stopped, started, restarted, enabled, and disabled. Root also has full access to system logs, regardless of where they are housed. 

Root can also set up, run, manage, and even delete backups and restore points.

Security

Security is a crucial aspect to consider, given that the root user can set up, manage, and disable firewalls.

Root can also set and manage security policies (such as password expiration dates and policies that prevent unauthorized access).

What you should never do as root

It should be easy enough to say, “Do not use root.” Even with sudo access, there have been occasions when I had to use root (such as when configuring certain aspects of Docker containers).

For those who want to know what to avoid with root, the list is pretty straightforward. Don’t do the following:

  • Change critical configurations (especially those that could prevent a system from booting).
  • Delete critical system files.
  • Change a file or folder’s permission to 777, as this approach recursively gives user, group, and OTHER read, write, and execute permissions. 
  • Run the command rm -rf /*, which will delete everything on your system.
  • Delete all cron jobs, as important scheduled tasks (such as rotating logs) will not run.
  • Run the emoticon fork bomb (which is :(){ :|:& };:), because it will immediately crash your system.
  • Run the following find command (as it will delete everything): sudo find / -type f -exec shred -n 5 -z -u {} +.
  • Run the dd command incorrectly, as you could wind up writing over the disk that contains your OS.
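
One way to review a root shell history or audit trail for the commands in the list above. This is an added example, not code from the article; the function names, labels, and sample lines are constructed, and the patterns cover only the simple spellings shown here.

```shell
#!/bin/sh
# Added example (not from the article). Names and sample lines are constructed.

# matches CMD REGEX: succeed if the POSIX extended regex matches the command line.
matches() { printf '%s\n' "$1" | grep -Eq -- "$2"; }

# classify_command CMD: print a label; return 0 if risky, 1 if nothing matched.
classify_command() {
    cmd=$1
    sep='(^|[;&|[:space:]])'               # command starts the line or follows ; & | or a space
    opts='(-[-[:alnum:]]+[[:space:]]+)*'   # zero or more option words such as -rf or -R
    end='([[:space:]]|$)'                  # argument ends at whitespace or end of line
    # Strip whitespace so spacing variants of the fork bomb compare equal.
    squeezed=$(printf '%s' "$cmd" | tr -d '[:space:]')
    case $squeezed in
        *':(){:|:&};:'*) echo fork-bomb; return 0 ;;
    esac
    if matches "$cmd" "${sep}rm[[:space:]]+${opts}/\\*?${end}"; then
        echo rm-root
    elif matches "$cmd" "${sep}chmod[[:space:]]+${opts}0?777${end}"; then
        echo chmod-777
    elif matches "$cmd" "${sep}find[[:space:]]+/[[:space:]].*(shred|-delete)"; then
        echo find-root-destroy
    elif matches "$cmd" "${sep}dd[[:space:]].*of=/dev/"; then
        echo dd-to-device          # any write to a device node: review the target
    elif matches "$cmd" "${sep}crontab[[:space:]]+(.*[[:space:]])?-r${end}"; then
        echo crontab-remove-all
    else
        echo ok; return 1
    fi
    return 0
}

# scan_lines: read command lines on stdin, print "lineno<TAB>label<TAB>command" per hit.
scan_lines() {
    n=0
    while IFS= read -r line; do
        n=$((n + 1))
        label=$(classify_command "$line") && printf '%s\t%s\t%s\n' "$n" "$label" "$line"
    done
    return 0
}

# Constructed sample of a root shell history (not real data).
sample_history() {
    printf '%s\n' 'apt update' 'chmod -R 777 /var/www' \
        'dd if=backup.img of=/dev/sda bs=4M' 'rm -rf /tmp/build' 'crontab -r'
}
sample_history | scan_lines
```

A hit is a prompt to check what the command targeted, not a verdict: a dd write to a device node can be intentional, and rm -rf on a scratch directory is not flagged.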

Just don’t run commands as root. If you need to use a command that requires admin privileges, always use sudo, so you have a better chance of avoiding catastrophe. 

You should never have to work with the root user account on Linux, especially on a desktop installation. There can be occasions when you need to use root on a server. If you must use root, do so with caution. Always know exactly what you’re doing. If there’s any doubt, either don’t do it or test it on a non-production machine.

Remember, sudo is your friend.