hi guys,

if a user belongs to the root group does that just mean he can access/write to every file on the system, but the system will still ask you for the root password when security is a concern (installing etc) just wanted to clear it up...thanks

As far as I know you MUST be the user "root" to do certain things, period. I believe every file/directory has "owner," "group," and "everyone" with permissions like "none," "read-only", and "read/write." I don't know how to use the console very well anymore because I had a stroke, take psych-meds, and have not used Linux for almost 10 years but plan on trying to refresh my memory as best I can with openSUSE, Ubuntu, and Puppy Linux.

If possible please read about sudo.
Please provide some more information along with an example.
We want to know what you trying to achieve.

1 members found this post helpful.

Thanks for the correction -- I really am hungry for Linux whenever I feel up to it... I used to be considered a senior member as fatpigjoke or something like that in High-School about 10 yrs. ago...

Arch Wiki has a good introduction to the concept of users and groups: https://wiki.archlinux.org/index.php/Users_and_groups

To answer your specific question, as I understand it, each user in Linux has a group. (For example when I create the user "snowpine" I also create a group called "snowpine" containing the user.) So, to the extent there is a user named "root" there must also be a group called "root."

It varies from distro to distro, but these days, "best practice" is typically to add your administrative users to the "sudo" or "wheel" group (not the "root" group).

No, it doesn't. It depends on the permissions set for a given file or folder. You can give root privileges to a user via the sudoers file or else just execute the su command from the console. You will give the root password only once and run programs as root until you logout.
jdk

The group "root" has no special significance to the kernel. Of course any specific file or directory can grant permissions to the "root" group, just like any other group ID. It is possible that some privileged commands might allow certain functions for members of the "root" group and not for others, but that is decided in the code for that executable. An example of something similar is that on some systems you have to be a member of the "wheel" group (and know the password) in order to su to the "root" UID.

Hi. Here I was hoping to learn about sarsaparilla or something... I always have to do something like:best wishes and have fun.

hi jamison20000e so thats adding me to the sudo group right...so i can run as root via sudo...

the point i was trying to make is that Linux doesnt work like a windows system in regard to users and groups right? eg: you cant install programs using the guest account in windows, yet i can add a domain account to local administrators and have full access...does linux always prompt for root password regardless of what group/s you belong to ie: root group?

thanks for all the input

Yes.

I read somewhere (probibly here at LQ) recently that microcoughed-winblow$ has two or three layers to it and the average Linux triples that hence the security and stability if you do things right.

Any user can in fact belong to many groups, but there is one main group any user belongs to.
This is distro dependent behavior. While this is for example standard behavior for Debian systems (any creation of a user also creates a group, if not specified differently), it is not true for Slackware, where all users by default have the same main group "users".
Not really. Like any other user the root user also needs a main group, but that this group is also called root is just a convenient convention.

To answer the question: The root group works like any other group: If the group part of the permissions of a file owned by the root group allows the group to execute, write or read a specific file then any member of that group has the permissions to do that. Of course nothing prevents an executable to do additional checks if you are the root user (which indeed many programs and scripts that are intended to run as root do), so that being a member of the root group will not help in such a case.

Regarding Windows: Actually, by default the Windows permission system is better than plain Linux/UNIX permissions. The lack of fine grained control is why things like ACL where invented, in use in Windows since Windows NT, often not used, despite being widely available, on Linux systems. The real problem with Windows security is not the lack of security mechanisms, but that they are disabled by default and most people are not willing to learn how to properly configure a Windows system (and FWIW, also not their Linux systems). Though a very common misconception, even among long time Linux users, Linux is not by default more secure than Windows.

I would think Linuces can be more secure in the long run and for "free\dom."

I just wanted to clarify the misconceptions. It is a widely distributed mistake, especially by people not using Windows, that Windows by definition has to less secure than Linux, while that simply isn't the case. A well configured Windows system can be as secure as a well configured Linux system. It mostly depends on the capabilities of the administrator how secure a system is, not on the underlying OS.

1 members found this post helpful.

Aren't you contradicting yourself there about the default security level?

No, just because there is no default Linux. Just start a Puppy Linux and look at its default security level, running everything as root. Look at a default Slackware (Arch, Gentoo, ...) installation, having only the root user (or the likes of Ubuntu, giving the first created user full rights using sudo without ever asking the user if that is what the user wants).
So even when Windows by default has most of its security systems disabled, Linux is by default not more secure, just because it is Linux. You may have a distribution where that is indeed the case (I believe Fedora and openSuse are pretty good at that), but there is no guarantee for that. Security is still a process, not a product. A process that involves the education of the system admin, regardless if the admin is the user and regardless which is the OS in use.