Saturday, July 31, 2010

Refuting root’s god-like status

Two days ago, a presenter at an IT conference was explaining some issues on security.

And she blurted away "root is like a god in UNIX" . I know it was said more for a dramatic effect, and she probably does not believe in god anyway. As ego took over, I grabbed a notepad and scribbled some points on why even though root can execute practically any command, a root is not a god even within its own environment. They are probably seven skies apart, no resemblance nor likeness whatsoever.

This all just for fun... you have to understand UNIX to make any sense of my rambling:

  1. God exists, while root does not. root is just a user id, it does not represent any real identity – anybody with the password could be a root;
  2. God has been present before everything else, while root was created during OS installation;
  3. God will always be and will never cease to exist, while root can be erased when the hard disk is initialized (or another uid 0 deletes the root id);
  4. God is beyond compare of anything else, while root can be imitated by another uid 0;
  5. God stands by Himself wile root requires a proper shell environment and resources to execute even a simple command;
  6. God is singular, while root could be many. Create another uid 0, just don't let your boss know;
  7. God has boundless power, while root's power is limited. Root will not be able to create a user when a similarly named user already exists;
  8. God has own free will, while root takes order from a superior. Else the human root would not have stayed up all night in the data center;
  9. God has unlimited knowledge, root is dumb. Tell root to do chmod –R –x * and it will lock itself out, and thus lock you in the data center for another day;
  10. God is alive, root is dead until somebody logs in or a cron job kicks off;
  11. God can hear, root is deaf. Yell all you want, root will not listen and undo that rm –rf * mistake;
  12. God can see, root is blind. Again, root does not see if your pwd is / or somewhere else when you do the rm –rf *;
  13. God can speak, root does not. That's why it doesn't tell you it has been executing that infinite loop for the last 4 hours;

More importantly, God is able to create anything that could be created and terminate anything that could be terminated. Root's limited power is in effect only within its own shell. It is a superuser at best.

Glory to You Allah, there is no knowledge in us except those that You have taught us. Truly You the Most Knowledgable and the Most Wise.
God please increase in me knowledge.

Allah please send salawat and salam to our Master Muhammad and to all his family and companions.

Allah please place the Imams Abu Hassan Ash-Sha'ari and Abu Mansur al-Maturidi at the highest place amongst those that you love.