Public bug reported:
Binary package hint: friendly-recovery
It would be great if the recovery-menu project could add a static-
compiled stub that tries to run the recovery-menu with bash, and if that
fails it would try to fall back to a known static-compiled shell (such
as sash, busybox-static, or bash-static) then falling back to
/sbin/sulogin if nothing else is available.
In my opinion, attempting to fall-back to a static-compiled shell before
falling back to sulogin does not significantly present any greater
security concern. The Ubuntu default is to have the root password locked
out, and administrators which like security will know that the best way
to protect single-user mode is to add a GRUB-based password, as that
retains the security of having the root account locked out. With the
default installation of recovery-menu, Ubuntu has moved in a direction
requiring boot-loader security to prevent the system from being
manipulated in single-user mode. (With just the three options now
available, it may be possible for a person to "fix" another person's X
configuration to something unexpected.)
Additionally, with the recovery-menu logic automatically falling back to
a staticly compiled shell, we can hopefully avoid static shell packages
shadowing the root account to create a "root account with a static
shell", like sash does with the "sashroot" account in hardy.
** Affects: friendly-recovery (Ubuntu)
Importance: Undecided
Status: New
--
single-user mode should work when libraries are broken
https://bugs.launchpad.net/bugs/234421
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
