Forum Question: Root User

to set up a root user, i go to system/library/ and click on Directory Service, correct? And then choose a user name and password, or just a password? Currently, I am the only one using my Mac, do you recommend setting up the root user? When I have another admin user on my Mac I should set up the root user so that user couldn’t, correct? How dangerous is it to have the root user account active?

— JC

Comments: 3 Responses to “Root User”

    11/24/09 @ 2:14 pm

    For lots of official information about how to enable the root user, see:
    http://support.apple.com/kb/HT1528
    As to whether it is dangerous, you have to ask yourself some questions: Who has access to the machine? The root password? What is on the machine? Could you afford to lose it and start over, etc.
    In general, if someone is an admin, they can already do just about everything with the Mac and its data. So, why are you enabling root in the first place? Why are you worries that the other admin can become root — who is that other admin and why are they an admin if you don’t trust them?

    JC
    11/26/09 @ 11:51 pm

    I am concerned about snooping. If I set up an account for her that’s only a standard account, then she’ll think I won’t trust her and wonder why it’s only standard. If I setup an admin account account I am worried she’ll enable the root account to read my files (snoop). I am not worried about files being deleted.

    I read the link you gave me and it said “The root user should only be used for specific administration or monitoring tasks. After completing a task as the root user, you should log out of Mac OS X and log back in using a normal or administrator account. You should disable root access if you do not use it often.”

    I was planning on just setting up the root so it couldn’t be set up by anyone else, but reading the support bulletin link, it’s implying it’s dangerous/unstable/unnatural to have the root active . . . that we should de-active it as soon as possible. I am baffled, what’s so dangerous by having the root active and not being used??

    Thanks for your help!

      11/27/09 @ 5:36 am

      Remember that people aren’t the only entities “doing” things on a computer. Applications “do” things. So if an Application has root privileges, it can “do” things as root. So if you end up getting a piece of malicious software, and it can get root access, then you are in trouble — well at least as much trouble as you can get into. I mean, if you have sensitive info on your Mac, like a spy might have, security might be a top concern. If you just have photos of your cats, then maybe not so much. And there are no such known malicious applications out there — it is just in theory.
      And in your case, root user doesn’t matter too much. If you are both admin users, there are ways to access each others’ files.
      It sounds like there may not be an ideal solution for you. If you share a computer you might just have to deal with transparency.

Comments Closed.