This content is part of the Essential Guide: What's the best Linux OS for your enterprise data center?
Get started Bring yourself up to speed with our introductory content.

Chapter excerpt: Keeping Linux safe with root privileges

Privileged users have superpowers that keep Linux secure. Learn how to configure and run commands with root privileges in this free book excerpt.

Linux system administrators must deal with any system-related problems -- from simple login errors to installing software to something more complicated like network glitches.

Mark Sobell, author, A Practical Guide to Fedora and Red Hat Enterprise LinuxMark Sobell

A Practical Guide to Fedora and Red Hat Enterprise Linux, Seventh Edition, describes the current versions of Red Hat Enterprise Linux (RHEL) and Fedora server OSes. In this Linux guide, Mark Sobell, a Linux expert, author and president of consulting firm Sobell Associates Inc., explains what's changed in RHEL 7 (beta) and Fedora 19. He also focuses on the skills that users, administrators and programmers need to succeed.

In Chapter 10, System Administration: Core Concepts, excerpted below, Sobell illustrates the fundamentals of system administration with helpful tips and warnings -- he also takes admins through operating commands with root privileges. Readers will learn about working with root privileges, system operations, configuration tools and other utilities, as well as how to set up and secure a server.

Linux offers several ways for a trusted user to execute commands and access files that keep the system running securely. Trusted users gain root privileges with commands such as su, sudo and kill, but must be mindful of warnings such as "root-owned set user ID (setuid) programs are extremely dangerous." From Chapter 10, System Administration: Core Concepts:

Because root-owned setuid programs allow someone who does not know the root password and cannot use sudo to gain root privileges, they are tempting targets for a malicious user. Also, programming errors that make normal programs crash can become root exploits in setuid programs. A system should have as few of these programs as possible. You can disable setuid programs at the filesystem level by mounting a filesystem with the nosuid option (page 522). You can also use SELinux (page 472) to disable setuid programs. See page 458 for a find command that lists all setuid files on the local system. Future releases of Fedora/RHEL will remove most setuid files; see

Learn how to use these and other commands to secure your Linux system from invaders in this longer excerpt from the guidebook here.

Editor's note: This excerpt is from A Practical Guide to Fedora and Red Hat Enterprise Linux, Seventh Edition, authored by Mark Sobell, published by Pearson/Prentice Hall Professional, January 2014, ISBN 978-0-13-347743-6, Copyright 2014 Mark G. Sobell.

Dig Deeper on Linux servers

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.