Recovery mode

Eamonn Sullivan eamonn.sullivan at gmail.com
Thu Jul 14 08:54:22 CDT 2005


On 14/07/05, Brett Profitt <brett at narnarnar.com> wrote:
> While on this subject, I must point out that "recovery mode" is wickedly
> insecure.  I nearly fell out of my chair when I saw it automatically log
> in *as root* with *no password*.  I understand WHY this happens, but
> that does not make it any less insecure.
> 
> Most of the "solutions" I've seen consider locking grub to be the best
> option, which, in my mind, is completely out of the question.  Are there
> any plans to correct this gaping security hole in Breezy?
> 

I don't believe this is a security hole. If someone can walk up to the
keyboard of your computer, it's theirs. Adding a password or something
during recovery mode would just give the illusion of greater security
and complicate disaster recovery for newbies.

-- 
-Eamonn
http://eamonnsullivan.blogspot.com/
Skype: eamonn_sullivan



More information about the ubuntu-devel mailing list