Ubuntu – What are the risks of running Nautilus as root

nautiluspermissionsSecurity

Whenever I try to access files outside my home directory I get a permission error. People keep recommending running Nautilus as root by running the following commands in a terminal:

sudo -i nautilus
gksu nautilus

What are the risks of doing so?

Best Answer

As it is perfectly fine to run some applications as root we definitely need to know of the risks when doing so.

One of the benefits of any Unix-like operating system (like Ubuntu) is a tight security concept to minimize unwanted damage to vital system files. File permissions are an essential part of these security measures . Only if we make sure that certain files can not be accessed without administrative permissions we can be safe from accidental damage.

Hence all system files, global application settings for all users, applications binaries, and more will be protected from unwanted access by restricting access to root/administrators only.

Even administrators should not run their system as root but should rely on the much safer concept of sudo.

By running a graphical file manager as root we will do so with administrative permissions to all files on our system. As a consequence we will be able to open, copy, delete, and change permissions with all files and folders including system files without further warning.

As administrator we may exactly want to do that - then (and only then) it can be fine to run nautilus as root. But especially as a beginnner we may not yet be able to foresee what bad side effects can happen if we do thing wrong.

It is much safer to not run nautilus as root. There are few good reasons only to do so. Usually we can achieve what we want with other safer means.

Imagine an unwanted movement of our mouse, a premature mouse click, or a drag & drop action to the wrong destination. Imagine an accidentally wrong change of permissions on a folder. Imagine an accidental hit on Del while a file or folder is highlighted. If applied to the wrong files or folder we may end up with a non-booting broken system.

In addition consider the following: Once we are root on running nautilus all application we start from there, be it from the context menu, be it by a double click on associated file types, or be it by running their .desktop file will also run as root. All files we create by these applications will then also be owned by root. This may not be what we want. It would be much safer to run just a single application as root.

Still we may want ot decide that the task we plan is easier to perform from a GUI file manager than it would be from the command line. Only in case we are familiar with permissions, and the file system hierarchy we may take the risk of running Nautilus as root. As a beginner we should however refrain from doing so.

In case we had run Nautilus as root for an administrative task we should immediately close the Nautilus window again to avoid unwanted accidental actions.