Recovery Mode allows full root access without a password

Bug #326473 reported by Ryan Waldroop
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu
Invalid
Undecided
Unassigned

Bug Description

Ubuntu Hardy just updated to the newest kernel which broke my sound and Nvidia drivers. That's a separate issue, but it made me try to boot my computer into "Recovery Mode" as offered by the grub menu. One of the options offered here was a chance to drop to a root shell.

Much to my surprise, I was greeted with full access to all the files belonging to all users on this computer. I thought Ubuntu had locked down the root account so that it could only be accessed by people who "sudo su" and who are part of the admin group. See https://help.ubuntu.com/community/RootSudo which mentions this...Is this fixed in 8.10?

With the exception of this, my computer is pretty well locked down--the BIOS password is set and we can only boot to the first HDD (with grub), but now this root shell bothers me.

Rather than full root access, could we instead be greeted with a login prompt similar to that seen when dropping to a TTY by pressing ctrl-alt-f1. Then an admin user could sudo su, or could have previously setup a root password, but having this as a default seems a little risky.

If this has been fixed in newer releases, would it be possible to get a security or backport release that would edit the grub or recovery menu to disallow this by default?

Many Thanks,
Ryan

Revision history for this message
Chris Crisafulli (itnet7) wrote :

Thanks for submitting this bug in efforts to help improve Ubuntu. This is a feature not a bug. There are several reasons that this is available to you in the grub menu. If you want to add a little more security you can edit your /boot/grub/menu.lst file and comment out the recovery mode (Which I'm not recommending to you), and then set a grub password by following several tutorials available in the forums.

Thanks for your time.

Chris

Revision history for this message
Ryan Waldroop (ryan.waldroop) wrote : Re: [Bug 326473] Re: Recovery Mode allows full root access without a password

Is there any way to make this "feature" more transparent to new users?
If a user takes the same precautions securing an Ubuntu machine as they
would a Windows machine, they would completely miss this. I know I sure
did, and I work in IT.

Revision history for this message
Mark (mark-wege) wrote :

I am astonished that this problem is reported so often and still unattented. Of course physical access to a machine makes it easy for an intruder to access and change your files. But still it should not be made to easy. Otherwise why are there passwords anyway for people who access the machine locally in the first place. Of course this is made so that it is not to easy. This should also apply for the recovery mode.

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.