Root privileges is the Linux version of administrator privileges, except it's the top administrator. The attacker would gain administrator privileges through a privilege escalation attack. TBB runs as the normal user, but an exploit could give the attacker higher privileges. No. You can specify entry nodes in the Tor configuration file, but that's for advanced users and you shouldn't mess with it. New Identity simply builds new circuits, but they go through the same entry guards. Entry guard selection is left for the Tor client. You don't have to do anything to use entry guards. Your client uses them by default.