recovery from stupid error

Brett Profitt brett at narnarnar.com
Thu Jul 14 12:19:51 CDT 2005


I must say I completely disagree.  Any law enforcement officials will
tell you that physical locks (in houses, cars, etc.) serve no other
purpose but to keep the honest people honest, and the same is true of
computers.  Either all security is pretend, or none is...this is not a
separate case.

I was, perhaps, too harsh when I described locking grub to be
"completely out of the question," but I was referring to those who would
consider it as an acceptable means or justification for this gap in
security.

The question should be, then, why make it easier for people who wish to
do harm?  The fact that Ubuntu ships with this as default is the
security concern.  Sure, direct hardware access is less secure
regardless, but the presence of a quick and simple exploit to gain full
access does indeed increase the chances of attack simply because it is
quick and easy, and an otherwise indifferent person may take an interest.

And the point should be raised that few, if any, other distributions do
this.  I understand the implications of the special case of the root
account with Ubuntu, but even so, why would so many other
distributions be opposed to doing this if it is harmless?

Brett

Oliver Grawert wrote:
> hi,
> On Thursday, 14.07.2005, at 09:43 -0400, Brett Profitt wrote:
> 
>>While on this subject, I must point out that "recovery mode" is wickedly
>>insecure.  I nearly fell out of my chair when I saw it automatically log
>>in *as root* with *no password*.  I understand WHY this happens, but
>>that does not make it any less insecure.
>>
>>Most of the "solutions" I've seen consider locking grub to be the best
>>option, which, in my mind, is completely out of the question.  Are there
>>any plans to correct this gaping security hole in Breezy?
> 
> would you prefer it to pretend security as other distros do with a root
> password? it's only one additional boot option to boot a linux system
> with direct root access without password (init=/bin/sh works on any
> linux that has no grub password set). additionally, if you once have
> direct physical access to a system you could also steal the HD or boot
> from a liveCD or floppy to get direct access to the data....there is no
> security with direct HW access. pretending security in this area is bad
> imho.
> 
> ciao
> 	oli
> 
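
An added example, not part of the original thread: a small audit of a GRUB legacy `menu.lst` for the two conditions discussed above, a missing boot loader password (so boot options can be edited at the menu) and a single-user entry that boots without one. The sample file, its kernel versions and the heuristic for spotting single-user entries are constructed assumptions.

```python
# Added example: audit a GRUB legacy menu.lst for the gap discussed in the thread.
SAMPLE_MENU_LST = """\
# constructed sample, not taken from a real system
default 0
timeout 3

title  Ubuntu, kernel 2.6.10-5-386
root   (hd0,0)
kernel /boot/vmlinuz-2.6.10-5-386 root=/dev/hda1 ro quiet splash

title  Ubuntu, kernel 2.6.10-5-386 (recovery mode)
root   (hd0,0)
kernel /boot/vmlinuz-2.6.10-5-386 root=/dev/hda1 ro single
"""

def audit_menu_lst(text):
    """Return (has_global_password, entries) parsed from menu.lst text."""
    has_password, entries, current = False, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword = line.split()[0].lower()
        rest = line[len(keyword):].strip()
        if keyword == "title":
            current = {"title": rest, "locked": False, "single_user": False}
            entries.append(current)
        elif keyword == "password" and current is None:
            has_password = True          # global password: menu editing needs it
        elif current is not None and keyword == "lock":
            current["locked"] = True     # entry will not boot without the password
        elif current is not None and keyword == "kernel":
            args = rest.split()[1:]      # skip the kernel image path
            # Assumed heuristic for "boots to a root shell"
            current["single_user"] = any(
                a in ("single", "S", "s", "1") or a.startswith("init=") for a in args)
    return has_password, entries

def findings(text):
    """List the weaknesses found, as human-readable strings."""
    has_password, entries = audit_menu_lst(text)
    out = []
    if not has_password:
        out.append("no global password: kernel line can be edited at the menu")
    for e in entries:
        if e["single_user"] and not (has_password and e["locked"]):
            out.append("unprotected single-user entry: " + e["title"])
    return out

if __name__ == "__main__":
    print("\n".join(findings(SAMPLE_MENU_LST)))
```

As both posters note, this only covers the boot menu; someone with the hardware can still boot other media or remove the disk.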



