The $root_user variable is a failsafe device. Normally it's not present in the configuration.php generated by Joomla!'s installer. You are only supposed to add it if you have screwed up your ACL and need a way to log back into your site and fix the trainwreck or when you want to recover your administrator password. The only way to add it is by manually the configuration.php file. Logging on as this user will also produce a big, fat warning reading "You are logged-in using the emergency Root User setting in configuration.php. You should remove $root_user from configuration.php as soon as you have restored control to your site to avoid future security breaches."
Reference: http://docs.joomla.org/How_do_you_recover_your_admin_password%3F
Akeeba Backup, no matter if you are transferring a site or restoring a backup, always follows the same procedure. It will read the existing configuration.php (from the original site) and only replace specific variables with the information you entered in Akeeba Backup Installer (database connection information, site name, tmp and log directory, FTP connection information; nothing else). Even if you add a nonsensical variable like $bigboyslike = 'mylittleponny' it will be preserved during the restoration/site transfer. Not having a whitelist of valid parameter keys is what allows ABI to be forward-compatible. This trait allowed me to be essentially reusing the same code (with few additions) for over four years β the first version of ABI was actually called "JoomlaPack Installer 3" and was created in 2008.
This brings us back to your site. How did that $root_user end up in your test site's configuration.php? No idea. If you didn't put it there, somebody did. Do you have a developer, co-worker or hacker accessing your site?
Nicholas K. Dionysopoulos
Lead Developer and Director
π¬π·Greek: native π¬π§English: excellent π«π·French: basic β’ π My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
