Most multi-user systems have a special user for whom security restrictions do not apply. On Unix systems, this user (almost) always has the username "root". Informally, root is referred to as "the superuser."

The superuser can manipulate any file or directory regardless of its permissions, change permissions on any file, change the UID or GID on any file, modify /etc/passwd, terminate any process, or bring the system down. In short, there is nothing the superuser cannot do (well... almost nothing).

The mere existence of a superuser is security hazard—if you are inclined to steal passwords, the superuser password is the one to steal. Yet a superuser is necessary. When a user accidentally locks themselves out of their own account, the superuser can wade into their files and set matters straight. When a user forgets their password, the superuser can give him or her a new one. When a user's background process goes berserk while that user is on vacation, the superuser can kill it.

If you are the system administrator on a Unix system absolutely never forget the superuser password!! Without the superuser password, nothing of significance can be done to reconfigure the system. In a short time, the system becomes useless and must be reinstalled from scratch.