From this article you’ll learn how to create a user in Linux and grant root access to him or how to grant root privileges to already existent user.
Do you own a Mac? Is it running Apple's latest macOS, the 'High Sierra?' If so, be extra careful with who you allow access to your machine. A security flaw recently discovered by a developer named Lemi Orhan Ergin can easily allow anyone unfettered access to everything on your machine, and by extension, give them an easy 'in' to whatever network it's connected to. Since the root user essentially has access to every part of your Mac, make sure you choose a strong password! Once the process is complete, you should see the following message: Root is now enabled on your laptop or computer, and you can start using it for tasks that would be impossible to complete via a regular user account. In Mac, the root directory can also be referred as Macintosh HD as this will show you the root directory files and folders. By default you won’t find it in Finder and desktop as most of the users do not need to access the system files and folders.
This can be easily done by changing
UID
(user id) and GID
(group id) in /etc/passwd
file.Also you will learn how to just add user to root group and i will explain how to delete user with root privileges.
Actually it is not a good idea to give all the privileges of root to a non-root user and outside the test environment i would not recommend to have multiply superusers.
Warning: Giving a non-root user all the permissions of root is very dangerous, because the non-root user will be able to do literally anything that could cause a big trouble if account is hijacked.
Check SSH Server Settings: If you have disabled root access in SSH server settings, by setting
PermitRootLogin no
in /etc/ssh/sshd_config
– you won’t be able to login if your user has UID 0
.Warning: Before moving forward, read the comments below and DON’T FOLLOW THE STEPS FROM THIS ARTICLE if you don’t understand of what you are doing and what impact this may have!
Grant Root Privileges To New User
Let’s say you need to create a new user and grant him root access to the server.To create a user with exactly the same privileges as root user, we have to assign him the same user ID as the root user has (
UID 0
) and the same group ID ( GID 0
).Use the following commands to create a user
john
, grand him the same privileges as root and set him a password:Grant Root Privileges To Existent User
Cool Tip: Dot the i’s and cross the t’s on file and folder permissions in Linux! Make it more clear! Read more →
Perhaps you already have a user
john
and you want to grant him root privileges (make him a second root user):For this, it is required to edit the file
/etc/passwd
and just change UID
and GID
to 0
:Add User To Root Group
If you just want to add
john
to root group, without granting him all root privileges, run the following command:Delete User With Root Privileges
Cool Tip: Log in to a remote Linux server without entering password! Set up password-less SSH login! Read more →
You won’t be able to delete a user with
UID 0
using userdel
command:To delete him, firstly open the
/etc/passwd
file and change his UID
.For example, change the line:
to something like:
After this, you’ll be able to delete user
john
with userdel
command:Do you own a Mac? Is it running Apple's latest macOS, the 'High Sierra?' If so, be extra careful with who you allow access to your machine.
A security flaw recently discovered by a developer named Lemi Orhan Ergin can easily allow anyone unfettered access to everything on your machine, and by extension, give them an easy 'in' to whatever network it's connected to. All they need is physical access.
Root Access Mac Terminal
Exploiting this vulnerability is a lesson in simplicity. All a hacker has to do is enter 'root' in the username field, leave the password field blank, and press Enter.
Done.
They now have total access.
Needless to say, this is a large and rather glaring security issue, and one which Apple will be remedying in the near future via a patch. Until they do, however, be aware that the physical security of your Mac is of paramount importance. Leaving your workstation unsecured and unattended, even for a few minutes, is all it would take to lose control over all the files on your machine and give a hacker access to the even more sensitive data lurking elsewhere on your company's network.
Unfortunately, as bad as this security flaw is, it's not the only recent stumble by Apple. Just last month, the company had to issue an emergency patch to fix a flaw that affected encrypted volumes, where the password hint section was displaying the actual password in plain text.
To try this exploit out for yourself to verify how easy it is to use, simply do the following:
- Open your machine's System Preferences and select 'Users and Groups'
- Click on the lock icon, which will allow you to make changes. You'll get a user name and password box at this point
- Type in 'root' in the username field
- Move the cursor into the password field and hit enter
That's all there is to it.
Until Apple issues their patch, the best thing you can do is leave your machine on and lock your workstation when you step away. At least that way, the hacker would have to know your current password in order to gain access.
Of course, they could simply power the machine off and reboot, but that would take a bit more time, during which they could be discovered.
Root Access For Pc
It's far from perfect, but for the time being, it's the best protection you have.