Recovery mode

Eamonn Sullivan eamonn.sullivan at
Thu Jul 14 08:54:22 CDT 2005

On 14/07/05, Brett Profitt <brett at> wrote:
> While on this subject, I must point out that "recovery mode" is wickedly
> insecure.  I nearly fell out of my chair when I saw it automatically log
> in *as root* with *no password*.  I understand WHY this happens, but
> that does not make it any less insecure.
> Most of the "solutions" I've seen consider locking grub to be the best
> option, which, in my mind, is completely out of the question.  Are there
> any plans to correct this gaping security hole in Breezy?

I don't believe this is a security hole. If someone can walk up to the
keyboard of your computer, it's theirs. Adding a password or something
during recovery mode would just give the illusion of greater security
and complicate disaster recovery for newbies.

Skype: eamonn_sullivan

More information about the ubuntu-devel mailing list