I have a password protected admin account on my Ubuntu 10 installation. But during an upgrade I ran into some major problems, where I could no longer boot in Ubuntu...

So I popped in a live CD, and ran nautilus with gksudo, and now I can change permissions and delete all of my previously protected data. Just from a Live CD!

Is this how it is supposed to work? What are best practices for preventing my data from getting stolen / deleted like this?