Privilege and Permissions
Start course
1h 16m

This course provides an overview of Kali Linux and some of its main components and features. We'll also take a look at Linux in general including how it looks, how to use it, how to use the command line, how to change the settings, and more. We recommend taking this course as part of the Web Penetration Testing & Bug Bounty Hunting learning path.

Intended Audience

This course is intended for anyone who wants to learn the basics of Kali Linux, with a view to becoming an ethical hacker and/or a bug bounty hunter.


To get the most out of this course, it would be beneficial to already have some experience with Linux.


Hi, within this lecture, we're going to see different kinds of permission throughout the users, okay?

So, right now I'm inside of the Kali user and maybe you're inside of some other user and it really doesn't matter. I'm going to show you that every Kali Linux has a root user and it is the most advanced, it is the most authorized user inside of the Linux, okay? It goes the same for all kind of Linux distributions. So, the root is the administrator and super administrator. It can do whatever you want, okay? So, if you become root you can actually delete everything, you can create some new stuff. You can break the operating system, you can copy everything whatever you want. So, if you come over here you can see that root terminal emulator and when you do that it will ask you for your password which is the password that you use as you log in. So, if you give that, it actually creates a root terminal for you. So, as you can see the username is different in this case. So, I'm root@kali. So, since I'm root, I can do whatever I want. So, whatever I want, I mean that I can actually delete every folder, every file. In Windows, think about Windows. If you have used Windows before, you cannot even delete anything. It just gives you errors. It says that, this is a system file, you cannot delete that and so on and so forth. So, with root you can do anything. So, let me show you what I mean. As you can see, I can write ls, I can delete stuff. It appears that I have like a bettercap.history file over here, let me delete that. As you can see when I write pwd, I'm inside of the root folder. So, root folder, it appears that it doesn't even stay in home folder right now but I can just interact with it. Like I can create a folder, I can go into another folder, I can do cd test, I can do cd.. I can execute anything that we have seen before, right? Because I'm root, I can do anything. I can even delete the bootloader so that the operating system won't even boot again. But as you can see since it has so much authority, since it has so much permission, it's a little bit dangerous to use root. That's why actually Kali decided to introduce a new user called kali and abandon the usage of root as the default user. It really doesn't matter for us because we are using this as like a virtual machine, we're not using this like a real server or stuff. If I was using a server like Ubuntu or DBN, I would have done the same thing. I wouldn't use the thing as root in services in so many cases because it's dangerous. I can delete something by mistake, right? But it doesn't matter for us in this case so you will see throughout the course that I use root most of the time, okay? Because we will actually need the permissions of root, the authority of root for installing new things and executing new things at the same time. So, you need to understand that you can become root or any other user anytime you want inside of Kali Linux. So, let me do some more examples over here so that you can understand it in a better way. Right now I'm inside of the test folder and I can go back, I can write pwd and I can see where I am. I can go into the root of this, okay? And when I write ls I can see all the files and folders available inside of the root folder and by root I mean this folder, the root of the file system, okay so it can be confusing to call this root but again, this is the terminology used in the Linux system. But if I run ls, I can see all these home folder, mnt folder, run folder and stuff. Let's go into the home and as you can see when I write ls, I can see Kali and I can go into that. I can go into any user's folder inside of home folder because I am root. If I was another user, I couldn't have gone into the Kali's folder because it's kali, right? So, let me open another terminal using Kali. By the way, if you're using this as root like the custom ova created for this course, right now you cannot do this exercise, maybe you can just watch. So, if I run ls and pwd over here, you can see that I am inside of the root folder. Okay, not the root root folder because I cannot even go to that folder in Kali because the permission is denied, because root is the most privileged user in this case and root can come into the Kali's folder, but Kali cannot go into the root folder, okay? Root overrides the older permission in any cases. So, I can go to the documents inside of Kali and I can even create new files, create new folders if I want to with using root, okay? And let's try that actually. Let me go back to the Kali folder or the kali terminal. And once I create a new folder or new file over here, if I write ls inside of the documents as you can see there are test and test2 folders, let me create a file. Let's call this something like I don't know, test.txt or stuff. Okay, testroot.txt so that we can understand that it's created by root, okay? So, let me go back to Kali and try to go to the Kali documents folder inside of the Kali terminal. Right now I'm inside of home when I write this and I can go to the Kali and again I can go into the documents. By the way I haven't mentioned before, let me go back and show you what I mean. If I write cd.. I can go back, if I write do and hit 'Tab', it will auto complete. As you can see if I hit 'Tab', it will say that you want documents or downloads. If I write doc and hit 'Tab', it will auto complete, okay? So, you can type faster using tab in your keyboard. So, if I write ls I can see the testroot.txt. So, we don't know how to open it with an editor and edit it yet, but you will see it in the upcoming lectures but I cannot edit that file because I can read it but I cannot write it. Let me try to remove it. As you can see it says that remove write-protected regular empty file. So, it's write-protected, only root can write it in this case.

I can try to remove it because it's in my folder, right? I'm Kali and it's inside of the Kali folder, I should be able to delete it somehow but I couldn't manage it. So , what I can do I can try to run rm-f or - rf depending on whether it's a document or folder, it's a document right now and remember -f stands for force, so force it to be deleted in any case and I can do that because it's in my folder. Even though root created it I can delete it but I cannot even write it, okay? I cannot even edit it and we're going to see it in the upcoming lectures. But the idea over here is that root can go into any files and folders, it can change it, it can create new files, it can delete users, it can delete folders, it can do whatever you may want it to do. So, root is the most privileged user inside of a Linux system. And depending on your situation, you maybe using root all the time, you may be using another user all the time but the idea is to know how to use root, okay? You can open another root terminal if you want or you can just switch it to the root user and you can do that in the file manager as well. So, let's assume that I go into the pictures or any other documents and stuff. I'm still the Kali user, right? Because I logged in as Kali user. Right now, I can try to create new files and folders but I cannot do that in the root folder, right? So, let me go back to root and as you can see it says that permission denied. I cannot go into that. Not by terminal, not by file manager. So, I can right click and say open as root. It will ask me for my password again, the password that I'm using for logging in and I can open the file system as root user. So, if you want to open the file system as root user, this is what you do. Right now, I can go into the root folder and I can delete the files, delete the folders, whatever I may want to do over here, okay?

So, that's one way to leverage root as well. So, let's try to see some alternative ways to leverage root, for example switching from Kali to root or executing commands with sudo. Let's try to do that because you may need to learn about those things as well in the upcoming lectures. So, what I'm going to do, I'm going to close the root terminal over here or just minimize it and go with the Kali terminal to show you something like becoming root without even opening the root terminal, okay? So, you need to learn about that as well because once you go into the industry you will need all those skills. So, I'm going to close this down and I'm going to clear this thing. I'm inside of the documents, it doesn't even matter where am I right now because I'm going to go back to the root folder. Okay, I'm going to say cd .. cd .. and I'm again going to do that and here we go. Now, I can see the root folder over here, let's assume that I want to go over there. Of course, I cannot do that with the Kali user. Let's assume that I really want to go there. I really want to create a new file or folder over here, for example, I cannot even do that because I'm not inside of the Kali folder, okay? As you can see, it says permission denied. So, I cannot do that. I cannot go into the root, I cannot create any file and stuff so I need the root user. Of course, I can create root terminal but maybe there isn't an option to do that. Nothing Kali but maybe I'm in some kind of a Linux server like DBN server. So, I can write the sudo. Sudo stands for super user do, okay? And if I write sudo su like switching user, sudo su it means that I'm going to go back to the root or like a privileged user. So, if you do the sudo su and hit 'Enter', it will ask you for your password. And if you give your password and it won't show up in the terminal by the way, but if you write it and hit 'Enter' it will just accept it. It won't show up because of the security reasons but it will accept it and here we go. Now I am root. So, you can use this to exit out of the root and go back to the Kali if you want. So, you can actually switch the users using su command or sudo su command depending on the situation. For example, we're going to see command called apt update, apt install, which is the package manager of Linux, and you cannot even do that with the Kali. You can either go sudo su and become root or you can go sudo apt install or sudo apt update, which means that run this command but run this as an administrator or run this as a root user, okay? It will again ask you for your password and you can give it and execute the command. So, depending on your situation, you may want to run the commands with sudo in front of them or you can just become root and write the command, execute the command without giving anything before it in the terminal. But you need to understand this thing, okay? You need to be fluent in this thing. Root is the most privileged user in any Linux system and you can use the sudo command in order to execute things with the administrator privileges, and you can write sudo su to become root and you can even open a root emulator and even a root file system in order to browse through the files and folders. So, if you get a permission error using the Linux in any time not for cybersecurity, it means that you are not privileged to do that kind of operation. It means that you have to become root and then execute that command later on. Now if you understand that, it's great. Now, if you see me using root user throughout the course, make sure you open the root terminal or run sudo su and do the exact same steps with me. That's all that is, we're going to stop here and continue within the next lecture together.


About the Author
Learning Paths

Atil is an instructor at Bogazici University, where he graduated back in 2010. He is also co-founder of Academy Club, which provides training, and Pera Games, which operates in the mobile gaming industry.