Ubuntu security hole? (not super major, but wondering if it is an issue to report)
Chanchao
custom at freenet.de
Tue May 9 10:12:34 UTC 2006
On Tue, 2006-05-09 at 10:42 +0100, Dick Davies wrote:
...getting my red flag...
> > At the very least this behaviour is inconsistent with requiring
> > passwords elsewhere, if you're not going to bother with passwords once
> > something goes wrong.
>
> The case we're talking about here is when the machine has major
> problems and can't mount it's disks. It's not on the network and isn't
> going to be without some help.
>
> I don't think that's the time to throw obstacles in the way of a user
> who's trying to fix things, just to gain a false sense of security.
"Windows does it." :-) [..hiding..] It requires you to select a windows
installation AND supply the Administrator password before it lets you
into the repair console.
Anyway 'obstacles..' what's wrong with just prompting for a username
and password just like gdm does everytime you boot up? Presumably users
remember those things. :)
In certain environments (Edubuntu!) users might do more damage than good
when you just drop them into a root shell without checking that they
have administrative (sudo) rights!
Cheers,
Chanchao
More information about the ubuntu-users
mailing list