About root, spot and fido
This is a short explanation of why users run as the administrator (root)
in Puppy Linux, and/or use the non-root spot and fido accounts.
root, spot, fido
In a nutshell, root login gives you total access to everything, whereas
a non-root login gives you restricted access (that is configurable for
each user by the administrator).
Puppy is not a multi-user system as are most other Linux distributions,
in which there is a root login plus any number of non-root login
Puppy on the other-hand, has root, plus just two non-root logins, named spot and fido.
There are two main objections to running as root: firstly, that you
might accidentally do something dumb, such as delete important files,
secondly that if someone gains access to your computer, either remotely via the
Internet/network, or locally, they will be at root-level and able to do much more
damage than if they gained access as a non-root user.
Doing something dumb
In the case of accidentally wiping important files, which files are
important to you? Your own personal files and data of course, which
regardless of whether you are logged in as your non-root account, or
logged-in as root, you are just as prone to doing the same dumb thing.
That is, your personal files, settings, applications, are all owned by
the non-root user, and can just as easily be deleted by the non-root
user as can be deleted by the administrator.
In other words, this argument against running as root is itself dumb. At least in respect to the safety of your own files.
Where the "doing something dumb" argument is valid is in a multi-user
system, where the administrator could accidentally delete or otherwise
compromise another user's files. However, Puppy is not multi-user.
With regard to system files, they can easily be restored, in fact Puppy
makes this easy as the entire system is in one Squashfs file.
Remote access as root
What are you afraid of? Someone getting at your personal files and data,
especially such things as identification and login/password data. Much
of this is on your computer, and if you run a distro in which
you login as a non-root user, are in files owned by your non-root
account, meaning they are accessable equally by someone breaking in as
non-root user or as root.
However, there are two scenarios in which running as root has a security risk, only one of which applies to Puppy.
Firstly, if you login non-root, you could bump up to root-level to
perform certain operations such as keep a file of usernames and
passwords. There are some applications also that use secret files owned
by root, that non-root users are not supposed to read. Thus, anyone
gaining access as root, can read all of those files.
A note on the side about the above paragraph: major distros such as
Ubuntu allow the first user account to bump up to root just by prefixing
commands with "sudo" or "su", without requiring root password, which
makes the whole protection mechanism a joke. Considering that most
Ubuntu users are using this first login account as their regular login.
Secondly, in a multi-user environment, the enemy may be another user.
You would never have users logging in as root in that scenario. But, I repeat, Puppy is not multi-user.
Note, Puppy allows multiple session save-files, which are usually
managed by one user for different usage profiles. However, this can also
cater for different users, even with optional password protection on a
save-file, however this is only intended to be used in a "friendly"
local environment. It is a very light-weight alternative to a multi-user
Puppy supposes a "friendly" local environment, and the main threat is
from someone gaining access to your computer via the network ports while
you are online.
highly unlikely in Puppy, due to the firewall, minimal daemons (with
network capability disabled). But, the concern is still there...
This brings us to 'spot', which is a classical name for a dog. But, spot
is not a normal user, you don't login as user spot. Instead, you bootup
in the normal way as the root user, but you can choose to run some
Internet applications as the restricted user spot.
This means that you have unfettered access to your local system, all the
benefits of root, no hassles with file/directory ownerships and
permissions, no restrictions on access to all hardware.
But, you can run, for example, SeaMonkey (browser, Composer,
mail&news, IRC-chat suite), as spot. The home directory for spot is
/root/spot, and SeaMonkey will only be able to (normally) edit/create/write files
With spot, you have the best of both worlds. Freedom in your local system, a restricted user for Internet access.
Note, at the time of writing, Puppy offers only Didiwiki personal blog
running as spot and Seamonkey optionally running as spot -- you can
choose your level of web-browsing danger, via the Login and Security Manager in the System menu.
A fork of Puppy, FatDog64, features all Internet applications running as spot.
fido is another name for a dog, and is a full non-root login account, as you would get in any other
Linux distro. With one peculiarity, it's home directory is /root (which may indeed seem very
peculiar to you, but there is a reason for it!). As with other distros,
you would use 'su' or 'sudo' to perform administrator activities.
fido always requires administrator password to perform administrator-level operations.
fido is offered as an option at the first shutdown of Puppy, when you
are creating a save-file for the session. If you opt for fido, at next
bootup you will be automatically logged in as fido. Note though, fido is
not quite mature, so not yet recommended to be used.
Puppy is designed for people who know what they are doing and what they
want, and they want to do it with the least hassles. They also want
exclusive use of their computer, or maybe will share with a trusted
person. If you want to put a small child in
front of your computer and let them wreak havoc, Puppy is not
recommended, but then, they could wreak havoc regardless of operating
At least with Puppy, you can rescue an old PC, install Puppy,
and let him/her do whatever. It is affordable for each user to have their own separate hardware.
FatDog64, a fork of Puppy created by "kirk" and "jamesbond", has since
it's inception run all network apps as user spot. Those guys have
created an excellent web page that explains why running as root is safe
(or not less-safe than running non-root):
Some more relevant links:
(c) Copyright Barry Kauler 2013