Password-protect grub interactive commands

Milan nalimilan at
Mon Nov 12 17:54:56 UTC 2007

OK, just forget the GRUB password idea, I've understood how it can
become a complete mess. Sorry for the idea...

But what about that?

unggnu wrote:
> <snip>
> I like the way Ubuntu handles root that always sudo is needed so why we
> don't make it with Recovery mode too? Just don't autologin root like
> root has a password. Why not let the user login in with his user and
> then use sudo to gain root access or set the user password for root and
> disable the account? With this no grub password/lock is needed but there
> is still basic security.
> If you are afraid if people forget their password why not make a little
> program on Live CD which can make that for you? Everyone can boot a CD
> and reset their password but only if they have bios/boot access like
> every private person.

I really second this idea, doing that and locking GRUB for any
modification of kernel parameters except recovery mode would be a real
security improvement. We should not let Windows XP overdo Linux here.
And anyway, there is the LiveCD if really needed.

More information about the Ubuntu-devel-discuss mailing list