Why is there no password to root under Recovery Mode?
I am trying to understand this situation... Today I got a problem with the sudoers file since I modified it and got a problem with this modification. So the only way to solve the problem was to modify the file using root in Recovery Mode.
And that is where the problem starts... no password was asked for at all... so, just by choosing 2 options (Recovery Mode in Grub and Root in Recovery Mode), I got access to all my system and all its files as root.
This is very dangerous! Anyone could easily erase important files or simply break the entire system without any password/password/....
Is there any official communication from Canonical about this? Is it simply an old forgotten feature or just something that no one wants to change just because they don't want to?
Solution 1:
It's not a bug, it's a feature. Anyone with physical access to the machine can get your data and/or modify it unless your partitions are encrypted.
Consider this case: you can boot a Live CD and be able to read and modify data without issues.
Another one: someone could open the case, take the disk out of it and plug it in another machine (USB dock, eSATA, etc.). Then it's again easy to read and modify the data.
If you want to disable creation of the recovery entry, edit /etc/default/grub, uncomment the GRUB_DISABLE_RECOVERY="true" line by removing the leading # character and run sudo update-grub. However, this does not make it impossible to boot into recovery mode since you can still edit the boot options by pressing E on an entry and adding single to the kernel line.
The only way to protect against such an attack is by encrypting your whole disk using LUKS. I strongly recommend doing that, especially for mobile devices such as a notebook. See How to truly secure a hard-drive?
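
The two checks the answer describes, as an added example that is not part of the original answer: whether the recovery entry is disabled in a GRUB defaults file, and whether any LUKS container exists on the disk. The function names and sample data are constructed for illustration, and the edit runs against a copy of the file rather than the live /etc/default/grub.

```shell
#!/bin/sh
# Added example: works on a COPY of the GRUB defaults file, never the live one.

# Succeed when the last active GRUB_DISABLE_RECOVERY assignment in FILE is "true".
# The file is sourced as shell, so the last assignment wins.
recovery_disabled() {
    val=$(grep -E '^[[:space:]]*GRUB_DISABLE_RECOVERY=' "$1" | tail -n 1 |
          cut -d= -f2 | sed 's/#.*//' | tr -d "\"' \t")
    [ "$val" = "true" ]
}

# Uncomment the setting in FILE; append it when absent or overridden later.
# Idempotent. Writes FILE.bak before changing anything.
# On a real system, `sudo update-grub` must follow for the menu to change.
disable_recovery() {
    recovery_disabled "$1" && return 0
    cp "$1" "$1.bak"
    sed -E 's/^[[:space:]]*#[[:space:]]*(GRUB_DISABLE_RECOVERY=).*/\1"true"/' \
        "$1.bak" > "$1"
    recovery_disabled "$1" || printf 'GRUB_DISABLE_RECOVERY="true"\n' >> "$1"
}

# Read `lsblk -rno NAME,FSTYPE` output on stdin.
# Succeed if at least one device holds a LUKS container.
has_luks() {
    awk '$2 == "crypto_LUKS" { found = 1 } END { exit !found }'
}

# --- Constructed sample input (not taken from a real machine) ---
demo=$(mktemp -d)
printf '%s\n' 'GRUB_DEFAULT=0' '#GRUB_DISABLE_RECOVERY="true"' > "$demo/grub"
SAMPLE_LSBLK='sda
sda1 vfat
sda2 ext4'

recovery_disabled "$demo/grub" || echo "recovery entries: still generated"
disable_recovery "$demo/grub" && echo "after edit: $(grep RECOVERY "$demo/grub")"
printf '%s\n' "$SAMPLE_LSBLK" | has_luks ||
    echo "no LUKS container: disk is readable from a live CD or another machine"
```

On a real machine, feed `has_luks` with `lsblk -rno NAME,FSTYPE`; a passing `recovery_disabled` check alone does not protect the data, as the answer points out.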