Why does `sudo passwd root` reset my root password? Is this a security risk?

Both in my ubuntu desktop host and virtual machine. I have't login as root for about a month, during which I upgraded the kernel. I found my root password doesn't work anymore. However, by using sudo passwd root, I can easily reset the root password by current user password. How could this happen? I don't have a problem anymore, just curious about the underline reason for this. Thank you!


Solution 1:

First of all, sudo executes commands as root, so resetting the actual root password while accessing as root to begin with usually isn't a problem. You already have root access through sudo, so there's little change. (This assumes you don't have a setup that restricts user commands but allows them to sudo passwd ... But that's a configuration issue.)

Secondly, in order to remotely infiltrate a PC through the use of sudo passwd, you would have to a) trick the user into giving you the user password one way or another (which, again, gives sudo access just as well), or b) have physical access to the machine, in which case "remote" probably isn't so true anymore.

So, no, there is no direct security risk. Certain (but uncommon and illogical) configurations may create a loophole there, but that's it.

Solution 2:

No, it's not a security problem. If you have the ability to run sudo commands as root, which users generally do in Ubuntu, you're fine. The idea behind sudo is that you can run commands as root, without logging in as root.

Not a security problem. Not unusual. The system is working like it's supposed to. Nothing to see here.