** Summary changed: - Kubuntu - security vulnerabilities + Kubuntu (and perhaps Ubuntu)- security vulnerabilities
** Description changed: If I boot Kubuntu in Recovery Mode (choose from boot menu), I can: 1- Login as root without password and full access to system. 2- Change password of any username (if I know only this username and don't know his password. Type: passwd <username>). So this username can not login to system (because his password has been changed). + This bug can be fixed easily by putting new root password (Type: passwd + root). But default no-password root is strange! + What do you think about this? ** Tags added: bug kubuntu security ubuntu ** Description changed: If I boot Kubuntu in Recovery Mode (choose from boot menu), I can: 1- Login as root without password and full access to system. 2- Change password of any username (if I know only this username and don't know his password. Type: passwd <username>). So this username can not login to system (because his password has been changed). This bug can be fixed easily by putting new root password (Type: passwd root). But default no-password root is strange! - What do you think about this? + What do you think about this? (sorry for my english). -- Kubuntu (and perhaps Ubuntu)- security vulnerabilities https://launchpad.net/bugs/81410 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
