Kali Linux has announced a new security model that will ship in the 2020.1 release, currently scheduled for late January. For years it has inherited its default root-user policy from BackTrack, but it is now shifting to a non-root user by default.
Some changes planned in the new update
- Kali in live mode will run as the user kali with the password kali. No more root/toor.
- On install, Kali will prompt you to create a non-root user that will have administrative privileges.
- Tools that we identify as needing root access, as well as common administrative functions such as starting/stopping services, will interactively ask for administrative privileges.
Kali Non-Root User Implementation
Kali's move to a Debian base has earned it a reputation as one of the most stable Linux distros, and over the last few years many users have started using it.
In earlier days, a bunch of pen-testing tools were stored in the /pentest/ directory and either required root access to run or ran better when given root privileges.
Some applications in Kali Linux require root access while others don't. A popular example is nmap, the port scanner: when a non-root user runs a standard Nmap scan it defaults to a connect scan, whereas with root privileges nmap takes advantage of those privileges to use raw sockets and performs a SYN scan, a far more popular scan type.
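The two passages above, the interactive prompt for administrative privileges and nmap's choice between a connect scan and a SYN scan, come down to one question: does the caller already have raw-socket access, or does the tool need to be elevated first? The following POSIX shell snippet is an added example, not code from Kali or from the nmap project. It assumes that a tool may carry a cap_net_raw file capability (visible through getcap) as an alternative to running as root, and that sudo is the elevation mechanism; the function names are my own.

```shell
#!/bin/sh
# Added example (not Kali's or nmap's own code): elevate a tool only when the
# current context cannot already use raw sockets.

# needs_elevation UID CAPS
#   UID  - numeric uid of the caller (0 = root)
#   CAPS - getcap output for the tool's binary, or an empty string when the
#          binary carries no file capabilities (assumption: cap_net_raw is
#          what the tool needs for raw-socket work)
# Prints "no" when raw sockets are already usable, "yes" otherwise.
needs_elevation() {
    uid="$1"
    caps="$2"
    if [ "$uid" -eq 0 ]; then
        echo no
        return 0
    fi
    case "$caps" in
        *cap_net_raw*) echo no ;;
        *) echo yes ;;
    esac
}

# default_scan_kind UID CAPS
#   Mirrors the behaviour described for nmap: raw sockets available -> "syn",
#   otherwise -> "connect".
default_scan_kind() {
    if [ "$(needs_elevation "$1" "$2")" = no ]; then
        echo syn
    else
        echo connect
    fi
}

# run_with_needed_privs TOOL [ARGS...]
#   Runs TOOL directly when the caller can already use raw sockets; otherwise
#   runs it through sudo, which prompts interactively for the caller's own
#   password, the model the non-root default relies on.
run_with_needed_privs() {
    tool="$1"
    shift
    bin="$(command -v "$tool")" || { echo "$tool: not found" >&2; return 127; }
    caps=""
    if command -v getcap >/dev/null 2>&1; then
        caps="$(getcap "$bin" 2>/dev/null)"
    fi
    if [ "$(needs_elevation "$(id -u)" "$caps")" = yes ]; then
        sudo "$bin" "$@"
    else
        "$bin" "$@"
    fi
}

# Usage (harmless check of which path a non-root shell would take):
#   default_scan_kind "$(id -u)" "$(getcap "$(command -v nmap)" 2>/dev/null)"
#   run_with_needed_privs nmap --version
```

The decision logic is kept in pure functions that take the uid and capability string as arguments, so it can be exercised without root and without touching any network; only run_with_needed_privs inspects the live environment.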
Over the years, many applications have been developed that do not require root access, and patching and reconfiguring them to work under root has become a maintenance burden. The new default policy will thus simplify the maintenance of Kali and avoid problems for end users.