Hi Am not sure what the reason for this access "without password" to the root / recovery boot option is - but its a flaw
in the first place why have any password if it can be circumvented by logging on as root second no where during the (very easy) install does it give the option for a root password third - even if its a stand alone machine the reason the passwrod exists is to have some basic precaution from allowing "anyone" to access the machine. Fourth on a network (a basic one) where many machines are standalone units with independent booting etc i shudder at the implications of this flawed root access to the computer. Of course there are many hacks into a machine but this flaw is really a basic oversight and i guess needs to be addressed, we complain about the basic M$ windoze setup being insecure - this Ubuntu configuration is not dissimilar so do i file a bug report, a security flaw or what - and where. thanks ram On 1/4/08, Mehul Ved <[EMAIL PROTECTED]> wrote: > On 1/4/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > So is this a bug, and security hole or what. Does this need to be reported > > It's what is called single user mode. This is how it is. > No one can exploit it unless they have physical access to the machine. > If you want to avoid people having physical access to the machine to > be unable to exploit this then set GRUB password. > > -- > ubuntu-in mailing list > [email protected] > https://lists.ubuntu.com/mailman/listinfo/ubuntu-in > -- ubuntu-in mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-in
