Have you ever tried to do something on your computer or phone, only to be met with a message saying you don’t have permission or the right privileges?
Not all users have the ability to do whatever they want with a device’s operating system. Having different privileges for different users is essential for data security and preventing scenarios where unaware users end up accidentally deleting important system files. But what if you want to be able to fully customise your device to better fit your needs?
This is where root access comes in. With root access, you’ll be able to have full control over your device’s operating system and make all the changes you want. To learn more about root access, its advantages and disadvantages, and how you can get root access to various operating systems (including Linux, Windows and Android), keep on reading.
What is root access?
Having root access means that you’re authorised to access any resource and execute any command on a device (such as a computer, server or mobile phone). So, if you have root access, you have the highest level of privilege possible and nothing is hidden from you.
Sometimes, a root account (an account that has full access to everything on the device) is called an administrator account. These terms are often used interchangeably, but in some cases, an administrator account has slightly lower privileges than a root account.
Root users are also sometimes called superusers. If you see the terms ‘root user’, ‘administrator’ or ‘superuser’, this indicates that this user has full privileges and can make changes to how the device is configured. Any other users will have fewer privileges, which could mean the ability to see system files without being able to edit them, or these users may not be able to look at these files at all.
What is the kernel in an operating system?
Your device’s operating system will have different layers of access, with the deepest layer being the kernel. The kernel is a computer program at the core of the operating system. It controls everything in the operating system and facilitates communication between your device’s hardware and software.
Other layers in your operating system will include device drivers, the file system, application programming interfaces (APIs) and the user interface (UI), which is the point of human-computer interaction. Varying levels of privilege are needed to access different layers of the operating system, with only root users (or superusers) being able to access the kernel.
Operating system privileges
As indicated earlier, different levels of privilege are needed to access different parts of the operating system. For example, if you only have ‘read’ privileges for certain bits of data, you can view these files but not make changes to them. To make changes, you would also need ‘write’ privileges. Some users may have even lower levels of privilege where they aren’t permitted to view certain files at all. This is particularly useful for public computers to improve data privacy.
In general, it’s best to follow the principle of least privilege. This information security guideline states that users should be given the minimum permissions possible to allow them to do what they need to do. This can prevent catastrophic mistakes such as accidentally deleting critical system files and also prevent people from seeing information that’s not meant for them.
Therefore, most users should have fewer privileges. The root user has the highest privilege possible as they are not denied read or write permissions for anything, so it’s vital that this user knows exactly what they are doing and is authorised to view any information on the device.
Root access in VPS hosting, cloud hosting and dedicated server hosting
Full root access is often listed as a benefit in VPS hosting, dedicated hosting and cloud hosting packages. As explained above, root access to a device means you can see and edit all files – even system-critical files. This means you can fully customise your server if you have full root access, which is very beneficial for those who have specific tasks in mind for their server (e.g., developing and testing their own apps).
For cheaper shared hosting packages, full root access isn’t possible. This is because you’re sharing the same physical server with other customers, so you can’t customise the server to your exact preferences. Plus, if one person started editing system files, this could compromise the performance and security of the server for all other customers.
However, since VPS hosting, cloud hosting and dedicated hosting all give you access to your own isolated server environment (either virtual or physical), you get complete control over its setup and configuration. With root access, you can accomplish the following tasks on your server:
- Split and merge multiple cPanel accounts using SSH
- Upgrade PHP using EasyApache
- Configure firewall settings
- Mount and unmount file systems
- Disable ModSecurity for a domain
- Use the Linux top command in batch mode
- Install third-party software
- Host multiple websites
- Develop and test your own applications
Full root access isn’t a necessary feature for all customers, and in some cases, it can do more harm than good. For inexperienced users who only want to perform basic server functions (such as hosting a website or storing data), a managed server may be a better choice than an unmanaged server. You’ll still be able to do what you need to do, but there will be less risk that important system files could be accidentally altered or deleted.
Typically, managed hosting packages don’t include full root access because server configuration and server management are handled by the hosting provider. Therefore, there’s no need for the customer to have access to the kernel, and according to the principle of least privilege, it’s best not to give more control than is necessary.
Managed servers are a much more user-friendly option for people who don’t have a lot of technical expertise. Plus, since you won’t have to perform daily server management (such as installing updates), having a managed server can save you a lot of time. However, managed servers can be much more expensive, so an unmanaged server with full root access may be the best choice if you’re on a tighter budget.
Root access for different operating systems
How does root access work for the most common operating systems? Find out how to get root access to different operating systems on different devices (e.g., phones, computers and servers) below:
Root access: Linux
Linux is one of the most popular server operating systems. By default, a root account is created when you install Linux. This account can modify the operating system as needed, but it’s not meant to be used as a regular user account.
If a user wants to temporarily get root access to make higher-level changes to the device, they can use the ‘sudo’ (superuser do) command. To do this, you’ll need to:
- Open the Terminal menu item, which opens a text-based terminal interface.
- Type in the ‘sudo’ command followed by a command for what you want to do.
- Provide your username and password.
Only users with administrator privileges (i.e. those added to the ‘/etc/sudoers’ file) can use this sudo command. If you don’t have these privileges, you’ll need to use the ‘su -’ command and provide the root password. The su command is then preserved until the end of the session.
Root access: Windows
With a Windows server, you’ll also get access to a root or administrator account to make your preferred changes. To log into your Windows server with this root account, you’ll need to establish a Remote Desktop Connection. Launch the Remote Desktop Connection application, type in the ‘Administrator’ username and administrator password (which should have been provided by your hosting company), and type in your server’s IP address. This will connect you to your server with your administrator or root account, giving you full root access.
On a Windows computer, the primary user account used to also be the administrator account. However, this has changed with modern versions of Windows to provide more security. Now, the built-in administrator account is not enabled by default and should be used sparingly. If you try to perform an action that requires root privileges, you’ll trigger a Windows User Account Control (UAC) prompt. You will then have to provide the administrator password to continue. Alternatively, you can launch the Command Prompt or Windows Terminal from the administrator account to avoid having to repeatedly provide a password.
Root access: Android
Although Android is an open-source operating system, you won’t have root access when you buy an Android device such as a smartphone. This is to prevent people from making mistakes when attempting system changes.
So how can you make these changes to your Android device if you don’t have a root account like with Linux and Windows? To get around this, you can use a rooting app to gain root access to certain phones, or you may need to use a computer and the Android Debug Bridge (ADB) programming tool to get this done with other phone models. Make sure you read or watch a rooting tutorial for your specific device before getting started.
Once you’ve got root access to your Android phone, you can alter or replace system settings and applications, remove provider bloatware (unwanted pre-installed software) and download any software or apps you want. All of these changes can open up your device to potential system failures or malware, so root your Android device at your own risk.
Root access: Apple
For Apple products, you either need root access to macOS or iOS depending on which device you’re using.
If you have an Apple Mac computer, the method for gaining root access to macOS is similar to getting root access to the Linux operating system. You can gain root access temporarily when trying to perform specific actions by clicking on the lock icon. You’ll need to enter the root user password to unlock system settings, and you can lock them again when you’re done.
The process of rooting iOS devices (e.g. iPhones and iPads) is called jailbreaking. Again, like with rooting an Android device, you’ll need to look at specific instructions for your particular Apple device if you’re interested in jailbreaking, but the general idea is that you’ll use jailbreaking software and tools to break the iOS security measures. Once this is complete, you can download apps from third-party stores, remove bloatware and completely personalise your device.
Advantages of rooting and root access
If you know what you’re doing, root access can be a fantastic tool for getting the most out of your computer, server or mobile device. Here are the main advantages of gaining root access to the operating system:
1. Full customisation and control
With a root account on your server or computer or by rooting your smartphone, you can have full control over your device. Root access allows you to configure your device’s settings so that it exactly fits your needs, which means you can personalise it by adding your own custom icons, wallpapers, security settings and software. With full root access to your server, you can accomplish more complex and unique tasks such as hosting multiple websites, configuring your own firewall settings, and developing and testing your own apps.
2. Improved performance
By removing unnecessary pre-installed software, you can streamline your device with root access and therefore improve its performance. Getting rid of these unneeded files will give you more storage space for your own software and applications.
3. Ability to download any app or software
Full root access will enable you to download any apps or software you want. For example, with Apple iPhones, you usually can’t download apps from any third-party providers, but jailbreaking will remove these restrictions and allow you to download any apps.
4. Access to the latest updates
With root access, you can manually approve updates whenever you want rather than relying on automatic updates. This is particularly useful if you have an older device that’s no longer automatically updated by the manufacturer. If you have an unmanaged server, you will need to install all updates yourself, which means full root access is a must.
Disadvantages of rooting and root access
With great power comes great responsibility. Although root access can give you a lot of control over your server, computer or mobile phone, it can also lead to a plethora of problems if you don’t know what you’re doing. These can include:
1. Bricking your device
A bricked device is no longer functional due to corrupted firmware, hardware issues or other forms of damage. If you accidentally delete or alter important files as the root user, you can risk bricking your device and therefore irreversibly damaging it.
2. Invalidating your warranty
Particularly with phones, damaging the device due to root access can invalidate your warranty. So, if you brick your phone after rooting it and trying to modify it, your warranty will no longer be valid and the manufacturer won’t cover the cost of repairs.
3. Accidentally downloading malware
With root access, you can bypass your device’s cybersecurity features. This is fantastic for allowing you to do exactly what you want, but this also means that your device is now more vulnerable to malware, viruses and other security threats. Plus, if you decide to download apps from third-party sources, you could end up downloading malware straight onto your device if you’re not careful, meaning that cybercriminals will then have access to your device and your data.
4. Data security concerns
If you end up with malware on your device, this could compromise the safety and security of your data. And, even if you protect yourself against malware with antivirus software, giving someone the wrong permissions on a device (e.g. giving an unauthorised person root access on a computer or server) could lead to data leakage. If you’re faced with a privilege escalation attack, your data or your organisation’s data could end up in the hands of cybercriminals.
Unrooting a device
If you decide to ‘unroot’ or ‘un-jailbreak’ your phone, this is entirely possible if you follow the right tutorial for your phone. It’s a good idea to return your phone to its original state if you’re selling it, trying to do a warranty return or wanting to protect your phone against security issues (especially if you realise you don’t have the expertise to root your phone safely).
To keep your data safe on your computer or server, you should always follow the principle of least privilege. Only allow trusted people (or just yourself) to have root access to your the device’s operating system. If you’re running a business, you need to ensure that no one outside the organisation can see or edit sensitive data on your server.
For more online safety and data security tips, such as tips on how to back up your website or keep your server secure, visit the Fasthosts blog. If you want to learn more about root access on your devices or servers, get in touch with our friendly support team for further advice.