Thank you for taking the time to report this bug and helping to make
Ubuntu better. Ubuntu has disabled the root (or superuser) password and
uses the sudo command instead. For details on its usage and security
implications, please see https://help.ubuntu.com/community/RootSudo for
details. This affects recovery mode and why a password is not presented
on boot (there is no root password), but this does not reduce overall
security. Eg, if a person can reboot and see the grub prompt, then they
can just as easily insert a live cd and have access to everything,
bypassing the root password altogether. If you use a BIOS password, then
they can remove the drive and mount it in another system. The only way
to protect your data if an attacker has physical access to your machine
is via encryption. You can use LVM disk encryption from the alternate
installer CD or the ecryptfs functionality in
https://wiki.ubuntu.com/EncryptedPrivateDirectory.
** Changed in: ubuntu
Status: New => Invalid
--
In recovery mode, root shell can be accessed without password
https://bugs.launchpad.net/bugs/286798
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
