Being root

[Gilles Gravier]

Hi, Amedee!

Amedee Van Gasse (Ubuntu) wrote:
> You did not understand what I wrote. It must be a language issue.
> In Ubuntu they don't ask for a root password. A root password is
> automatically created with some kind of random function. This random
> password is never told to the user.
>
> Perhaps you understand it better if I formulate it this way?
>
>   
This is not correct. On Ubuntu, there is NO root password that is created.

The "encrypted password" (stored in /etc/shadow) is set to "*" which is
not something that maps to a real password. There is no password (random
or not) that can get encrypted to "*" using the encryption functions in
Ubuntu. What this "*" means is that there is no password that works for
root... in effect, you cannot log in as root until you manually set a
password yourself for root.

Note that there is a VERY good reason to do that. Enabling root user
leads to lots of security issues, in particular the fact that you can't
audit root activities to specific physical users. Whereas if you "sudo"
every administrative command, you get a proper audit log for who did
what in terms of administration on the system.

This is important in multi-user systems (which Ubuntu is designed as).

Of course, this being Linux/Unix, you CAN change the password of root to
something real, and then log in as root. But you do this at your own
risk and you should be aware of this.

Gilles.