Question

10

Why there is no password to root under Recovery Mode?

rated 0 times [ 10] [ 0] / answers: 1 / hits: 3555 / 3 Years ago, thu, october 28, 2021, 2:14:10

I am trying to understand this situation... Today I got a problem with de sudoers file since I modified and got problem whit this modification. So the only way to solve the problem was to modify the file using root in Recovery Mode.

And there is where the problem start.... no password was asked at all... so, just by choosing 2 options (Recovery Mode in Grub and Root in Recovery Mode), I've got access to all my system and all his files as a root.

This is very dangerous ! Anyone could easily erase important files or simply broke the entire system without any password/password/....

Is there any official communicate by Canonical about this ? It is simply an old forget feature or just something that no one want to change just because they don't want to ?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

bjecterless

Add To Favorites

Follow

Total Points: 59

Total Questions: 96

Total Answers: 105

Location: Argentina

Member since Thu, Mar 18, 2021

3 Years ago

bjecterless questions

1 Ubuntu Studio automounts NTFS partition - how to disable?

Sun, Feb 5, 23, 17:04, 1 Year ago

1 Ubuntu 22.04 upgrade from 21.10 error

Tue, Jul 26, 22, 18:42, 2 Years ago

1 Opened imagemagick using terminal, not sure how to close it now

Fri, Dec 16, 22, 13:24, 1 Year ago

1 In short i accidentally typed sudo rm /* and now my system doesnt boot as something is deleted in /

Sat, Sep 4, 21, 17:37, 3 Years ago

1 Display the contents of an HTML file on my desktop

Mon, May 9, 22, 00:28, 2 Years ago

View All

answered 3 Years ago ampolinhad · Accepted Answer

It's not a bug, it's a feature. Anyone with physical access to the machine can get your data and/ or modify it unless your partitions are encrypted.

Consider this case: you can boot a Live CD and be able to read and modify data without issues.

Another one: someone could open the case, take the disk out of it and plug it in another machine (USB dock, eSATA, etc.). Then it's again easy to read and modify the data.

If you want to disable creation of the recovery entry, edit /etc/default/grub, uncomment the GRUB_DISABLE_RECOVERY="true" line by removing the leading # character and run sudo update-grub. However, this does not make it impossible to boot into recovery mode since you can still edit the boot options by pressing E on an entry and add single to the kernel line.

The only way to protect against such an attack is by encrypting your whole disk using LUKS. I strongly recommend to do that especially for mobile devices such as a notebook. See How to truly secure a hard-drive?