# Toor (Unix)

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Toor_(Unix)
> Markdown URL: https://mediated.wiki/source/Toor_(Unix).md
> Source: https://en.wikipedia.org/wiki/Toor_(Unix)
> Source revision: 1353220787
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

{{Short description|Alternative superuser account on some Unix-like systems}}
{{Multiple issues|
{{More citations needed|date=February 2026}}
{{No footnotes|date=February 2026}}
{{onesource|date=February 2014}}
}}
{{DISPLAYTITLE:<code>toor</code> (Unix)}}
'''<code>toor</code>''', the word "root" spelled backwards, is an alternative [superuser](/source/superuser) account in [Unix-like](/source/Unix-like) operating systems, particularly [BSD](/source/Berkeley_Software_Distribution) and variants.<ref>{{Cite book |last=Korff |first=Yanek |title=Mastering FreeBSD and OpenBSD security: building, securing, and maintaining BSD systems |last2=Hope |first2=Paco |last3=Potter |first3=Bruce |last4=Hope |first4=Brian |date=2005 |publisher=O'Reilly |isbn=978-0-596-00626-6 |edition=1st |location=Beijing Köln}}</ref>

==Purpose==
In Unix, it is traditional to keep the root [filesystem](/source/File_system) as small as reasonably possible, moving larger programs and rapidly changing data to other, optional parts of the system. This increases the likelihood that the system can be brought to a semi-usable state in the case of a partial system failure. It also means that the [superuser](/source/superuser) account, necessary for repairing a broken system, should not depend on any programs outside of this small core. To this end, the root account is often configured with a [shell](/source/Shell_(computing)) which is small, efficient, and dependable, but awkward for daily use.

The toor account is intended as a solution to this problem. It is identical to root, but is configured to use a different, more featureful shell.

Alternately, toor may be configured with the emergency shell, allowing root the freedom to use the featureful one.

==Implementation==
In a Unix-like system, each user has a [user ID](/source/User_identifier) number, which is what the [kernel](/source/Kernel_(operating_system)) uses to distinguish users and to manage user [permissions](/source/File-system_permissions). User ID #0 is reserved as the superuser account, and is given permission to do anything on the system.

Users log in by username, not by ID number, and a user's choice of login shell is also managed by name. This separation between name and number allows a given user ID to be associated with more than one username, each having its own shell.

==Security considerations==
The presence of a 'toor' account (or the presence of more than one account with a user ID of 0) triggers a warning in many security auditing systems. This is valuable, since if the [system administrator](/source/system_administrator) did not intend for a second superuser account, then it may mean that the system has been compromised.

It may be argued that even an intentional 'toor' account is a security risk, since it provides a second point of attack for someone trying to illicitly gain superuser privileges on the system. However, if passwords are chosen and guarded carefully, the risk increase is minimal.

For example, [NetBSD](/source/NetBSD) ships with a disabled 'toor' account, meaning that there is no password with which one can log into the system as 'toor'. This is not a security risk in itself, though it may generate security warnings as previously described. However, if the system is compromised, an administrator may be less likely to notice the enabling of a disabled account than the creation of a new one, especially if they have become accustomed to ignoring warnings about 'toor' from their (arguably misconfigured) security program.

==References==
<references />

Category:System administration
Category:Operating system security
Category:Unix

---
Adapted from the Wikipedia article [Toor (Unix)](https://en.wikipedia.org/wiki/Toor_(Unix)) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Toor_(Unix)?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
