we should set a grub password by default

Scott James Remnant scott at ubuntu.com
Tue May 15 17:52:43 UTC 2007


On Tue, 2007-05-15 at 19:23 +0200, Sven wrote:

> With the actual Ubuntu default settings anyone can easily gather
> root-privileges by rebooting and pressing e to enter edit mode in grub
> and add a init=/bin/bash kernel option.
> 
Since the cracker was able to use the GRUB menu, they have physical
access to the machine.  This means that they can pop open the case, take
the hard drive out, and mount it in another machine -- gaining root
access to the files on that disk.

Frankly, they can pick the machine up and walk off with it; subjecting
it to any manner of abuse until they break into it.

Where physical "console access" security is a requirement, all the tools
to try and improve that are made available; as you note, GRUB has the
facility to password its boot menu, and one would assumedly select
computers that had difficult to penetrate cases and BIOS passwords, etc.

However as a default configuration, this would likely cause more
problems than it would solve.  Since users would now need *another*
password to:

  * dual boot

  * enter recovery mode

  * help debug problems

Scott
-- 
Scott James Remnant
Ubuntu Development Manager
scott at ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20070515/fec84df2/attachment.pgp>


More information about the Ubuntu-devel-discuss mailing list