Superuser

From Wikipedia, the free encyclopedia

Jump to: navigation, search

On many computer operating systems, the superuser, or root, is a special user account used for system administration. The "Super User" in enterprise programs (SAP, Oracle) often refers to an individual who is an expert in a module or process within the enterprise system.

Many older operating systems on computers intended for personal and home use, including MS-DOS and Windows 9x, do not have the concept of multiple accounts and thus have no separate administrative account; anyone using the system has full privileges. Separation of administrative privileges from normal user privileges makes an operating system more resistant to viruses and other malware, and the lack of this separation in these operating systems has been cited as one major source of their insecurity.[citation needed]

Contents

1 Unix and Unix-like 2 Windows NT 3 Novell NetWare 4 SAP & Oracle 5 See also 6 References 7 External links

[edit] Unix and Unix-like

In Unix-style computer operating systems, root is the conventional name of the user who has all rights or permissions (to all files and programs) in all modes (single- or multi-user). Alternative names include baron in BeOS and avatar on some Unix variants. BSD often provides a toor ("root" backwards) account in addition to a root account for better usability while performing administrative tasks. The root user can do many things an ordinary user cannot, such as changing the ownership of files and binding to ports numbered below 1024.

It is never good practice for anyone to use root as their normal user account, since simple typographical errors in entering commands can cause major damage to the system. It is advisable to create a normal user account instead and then use the su command to switch when necessary. The sudo utility can also be used instead to allow a measure of graduated access.

Many operating systems, such as Mac OS X and some Linux distributions, allow administrator accounts which provide greater access while shielding the user from most of the pitfalls of full root access. In some cases, the root account is disabled by default, and must be specifically enabled. In a few systems, such as Plan 9, there is no superuser at all.

Software defects which allow a user to "gain root" (to execute with superuser privileges code supplied by that user) are a major computer security issue, and the fixing of such software is a major part of maintaining a secure system. One common way of gaining root is to cause a buffer overflow in a program already running with superuser privileges. This is often avoided in modern operating systems by running critical services, such as httpd, under a unique limited account. A related term is rootkit, using root privileges to conceal certain data from the system administrator.

[edit] Windows NT

In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT. The Local System account can be accessed by the user by making Task Scheduler start a command prompt, which is then launched as Local System (the account Task Scheduler runs on), allowing you to run anything as Local System.


In Windows Vista or later, you can use User Account Control to run a process with elevated privileges (for example, by right-clicking (Windows 2000 users must hold the SHIFT key while right-clicking) on the program and selecting Run as administrator). In earlier version of Windows, the command runas fulfils this task (see Microsoft's documentation for runas for more details).

[edit] Novell NetWare

In Novell NetWare, the superuser is called 'supervisor'.

[edit] SAP & Oracle

SAP and Oracle are well known enterprise systems which often require a complex set of training in order to learn. Because of this, and also to encourage engagement with the systems, many companies have created a "Super User Model" (also called Power User, Champion) in order to take regular users and raise them to a level of leadership within the system. Doing this accomplishes three objectives[1][2]:

1. More engaged use of the system as there is a personal face assigned to champion the system and make acceptance of the technology less challenging.

2. A significant time and cost reduction as companies are not seeking or hiring new or temporary resources for the purposes of developing and/or delivering documentation, training, and support.

3. ROI or proof of concept of the SAP investment should be more easily achieved as users are directly involved, thereby using the system invested in, which benefits the company overall.

Extensive research has been done specifically with the Super User Model in SAP, specifically in regards to the role they take in training and supporting end users. Currently, more than 70% of SAP companies utilize a form of the Super User Model.

[edit] See also

nobody (username) Power user

[edit] References

^ User.pdf Super User Whitepaper, The Super User Model in SAP ^ The SAP Super User - Video Summary, The Super User Model in SAP - Video by Insite Objects

[edit] External links

root Definition - by The Linux Information Project (LINFO) Superuser Privileges - Linux: UBLinux 4 (GNU) An Introduction to Mac OS X Security Discussion on origin of Charlie Root at pipermail
Retrieved from "http://en.wikipedia.org/wiki/Superuser"

You are viewing a mobilized version of this site...
View original page here

How do you rate mobile version of this page?

Mobilized by Mowser Mowser