Hi, this is still an issue with the default stretch install, if the option to not set a root password is taken at installation.
It is quite severe IMO, especially considering how likely it is to be discovered only when the rescue shell is actually needed. If this really can't be fixed before release, I'd strongly suggest that debian-installer force a root password to be set until it can. On a secondary note, I personally find it rather ludicrous that this trivial fix is being held up by some kiosk considerations. Setting up one of those usually requires many other customizations (for example, disabling the default window manager), and it makes little sense to opt for sudo over a separate root account at installation time for a kiosk in the first place. On the other hand, the much more common desktop use case shouldn't be this broken out of the box. IMHO, of course. -nd.