Ubuntu security hole? (not super major, but wondering if it is an issue to report)

[Alan McKinnon]

On Tuesday 09 May 2006 06:04, Chanchao wrote:
> I may have discovered a security issue with Ubuntu..  
>
> What happened was this. After logging into gdm, Gnome had trouble
> opening a bunch of panel applets.  "Error while loading
> OAFIID:GNOME_ClockApplet" and pretty much every other applet.
> Things were just weird, also applications didn't start, etc. Then I
> logged out planning to log in again, but X failed to start.
>
> Upon reboot, it showed that the /root files system was corrupted
> and needed to be checked, and it proceeded to check that. However,
> then it encountered something that could not be corrected
> automatically and suggested to run the fsck command manually.
> ("Inodes that were part of a corrupted orphan linked list found.")
>
> HOWEVER, at this point it put me straight into a root shell!

Chances are this will have been answered by the time you get this, but 
here goes anyway:

This only looks like a security hole, but there's no alternative.

fsck failed on /, therefore /etc/shadow cannot be read reliably, 
therefore asking for a password to confirm login is nonsensical. Your 
only option is to drop to a root shell to fix it. To do anything with 
it, you have to be at a local console with physical access. Once you 
have physical access, all security bets are off anyway - you can boot 
into init 1 from grub, stick a LiveCD in the drive or do any one of a 
number of things to gain full unrestricted access.

-- 
If only me, you and dead people understand hex, 
how many people understand hex?

Alan McKinnon
alan at linuxholdings dot co dot za
+27 82, double three seven, one nine three five