Frequently Asked Question

Why is the root user so dangerous, and what does UID 0 really mean?

UID 0 is special-cased throughout the kernel: most permission checks short-circuit to "yes" when the calling process has effective UID 0. Root can read or modify any file on the system regardless of its permission bits, send any signal to any process, mount and unmount filesystems, load and unload kernel modules, bind to privileged TCP ports below 1024, change another user's password, and reboot the machine. There is no further authority above root inside the kernel.

That omnipotence makes root catastrophic to lose control of, and embarrassingly easy to misuse. A typo in rm as your normal user destroys one project; the same typo as root can destroy the operating system. The standard hygiene is: do not log in as root, do not leave root shells open longer than needed, and do not run programs you have not audited under sudo. Many distributions disable direct root login entirely (Ubuntu sets passwd -l root), forcing every privileged action through sudo so it gets logged and attributed to a real account.