toor (Unix)

In Unix-like operating systems, toor is traditionally used as the root user's secondary account. Its primary purpose is to provide a separate login with a specific, often simplified, environment that can be used for maintenance or recovery tasks. Unlike the root account which is typically accessed directly via su or sudo, toor has a dedicated login shell and often a minimal .profile or .login configuration.

The existence of toor allows administrators to isolate and differentiate between actions performed directly by the root user and actions performed through this designated alternative. This can aid in auditing and troubleshooting. The account is commonly disabled by default for security reasons. If used, it is strongly recommended to give it a strong and unique password different from the main root password.

The specifics of toor's configuration and purpose can vary between different Unix distributions and system administrator preferences. However, the overarching intent remains the same: to offer a distinct and controlled method for root-level access, separate from the main root account. While its prevalence has diminished with the rise of tools like sudo, toor still exists in some systems and represents a legacy approach to privileged access management.