Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Is this normal? Root with no pass on recovery console.

  1. #1
    Join Date
    Sep 2010
    Beans
    8

    Question Is this normal? Root with no pass on recovery console.

    Hello ,

    Was wondering if this is normal . I installed ubuntu-10.04-desktop-amd64.iso and when i boot into recovery console and select drop into root shell it dont ask for anny password.
    I know i can change this pass but new users (maybey) dont know this , It feel weird to me.
    What they point if this.. small security issue?

    thx

    ** deffault install

  2. #2
    Join Date
    Feb 2008
    Beans
    606
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Is this normal? Root with no pass on recovery console.

    Quote Originally Posted by Fibercoax View Post
    What they point if this.. small security issue?
    If someone is sitting at the console of your PC, they can boot from a LiveCD or USB stick and then own your system.

    If you want security against local attacks by someone with access to the hardware, you need to encrypt your files. Then they could install a rootkit to grab the password next time you boot, but they can't read the files unless they do something like that.

  3. #3
    Join Date
    Feb 2008
    Beans
    606
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Is this normal? Root with no pass on recovery console.

    BTW, I'm sure there is a setting to require the root password at the recovery console, but since Ubuntu blocks root logins I'm guessing it won't work even if you enable it?

  4. #4
    Join Date
    Sep 2010
    Beans
    8

    Re: Is this normal? Root with no pass on recovery console.

    This not gonna happen because boot of external devices is locked in my bios like usb/cd/dvd !

  5. #5
    Join Date
    Sep 2010
    Beans
    8

    Re: Is this normal? Root with no pass on recovery console.

    Quote Originally Posted by movieman View Post
    If someone is sitting at the console of your PC, they can boot from a LiveCD or USB stick and then own your system.

    If you want security against local attacks by someone with access to the hardware, you need to encrypt your files. Then they could install a rootkit to grab the password next time you boot, but they can't read the files unless they do something like that.

    I dont think that is possbile because boot from external devices is disabled in bios like usb/dvd/cd

  6. #6
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Is this normal? Root with no pass on recovery console.

    It's normal.

    Physical access is root access.

    If you think it's not possible for someone to get root access since you disabled booting other devices in the BIOS, you'd better hope no one has a screwdriver and doesn't just remove your CMOS battery... or the internal hard drive altogether.

  7. #7
    Join Date
    Sep 2010
    Beans
    8

    Re: Is this normal? Root with no pass on recovery console.

    Quote Originally Posted by movieman View Post
    BTW, I'm sure there is a setting to require the root password at the recovery console, but since Ubuntu blocks root logins I'm guessing it won't work even if you enable it?
    I didnt see it , you should install it and test your self you would be surprised.

    What they need to do when installing ubuntu , FORCE TO SET ROOT PASS in the setup procedure. (look at the fedora 13 installer )
    I dont see ubuntu block root logins.

  8. #8
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Is this normal? Root with no pass on recovery console.

    Quote Originally Posted by Fibercoax View Post
    I didnt see it , you should install it and test your self you would be surprised.

    What they need to do when installing ubuntu , FORCE TO SET ROOT PASS in the setup procedure. (look at the fedora 13 installer )
    I dont see ubuntu block root logins.
    Ubuntu disables root password logins. You can get to a root shell by booting into recovery mode. You can also simulate a root shell by typing
    Code:
    sudo -i
    into a terminal. Unless you explicitly set a root password, though, you cannot log into the root account in the traditional sense. More importantly, there is no need to.

  9. #9
    Join Date
    Sep 2010
    Beans
    8

    Thumbs down Re: Is this normal? Root with no pass on recovery console.

    Oke understand ,, but in other words when i leave my ubunutu desktop open on my office desk and somone boot recovery console (when i get my coffee break ) he got root in 4 seconds . The idea dont make me happy !!

  10. #10
    Join Date
    Apr 2008
    Location
    Far, far away
    Beans
    2,148
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Is this normal? Root with no pass on recovery console.

    You can remove the recovery console boot option if you don't feel it's needed. An advanced user can still boot in the right mode but at least it isn't on the menu. The only real way to secure a machine from physical access is with encryption. Ubuntu does make it easy to set that up.

Page 1 of 3 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •