Every account on your UNIX system should have a unique UID . This UID is used by the system to determine access rights to various files and services. Users should have unique UID s so their actions can be audited and controlled.
Each account also belongs to one or more groups, represented by GID s. You can use group memberships to designate access to resources shared by more than one user.
Your computer has a special account called root , which has complete control over the system. Be sure to limit who has access to the root account, and routinely check for bad su attempts. If possible, you should have all of the machines on your network log bad su attempts to a specially appointed secure machine. Each computer on your network should have a different superuser password.