From Terminally Incoherent:
Yep. I just removed myself from all the groups except for vboxusers. Brilliant! I absolutely hate when I do stupid shit like that. It’s not like this was hard to fix – I just didn’t remember of the top of my head what groups I was supposed to belong to. Of course since I was no longer part of the sudo and admin groups I could no longer sudo. Luckily enough, back in the day I decided to enable the root password. So I was able to su to become root, and then usermod myself to admin, and bunch of other groups I needed like audio, video, tty, lp and etc… I wonder what would happen if I did this on a default Ubuntu box without root account. I wonder if I would be able to recover from this that easily.
The short answer is “Yes, you would.” Single User Mode is your friend.
At bootup, hit ESC to get into the Grub menu, and select recovery mode. If you haven’t entered a root password, recovery mode will dump you to the console as root. If you HAVE defined a root password, recovery mode will dump to a login prompt, where you’ll have to enter the password.
Comments 2
Thanks for the tip! I didn’t think of that.
Btw, just out of curiosity – will the single user mode just dump you at a root console without any authentication if root password is not set? Because that would be a security issue – what is the point of locking my workstation when I leave my desk, if someone could easily hit the power button, boot in single user mode, and do just about anything with the machine.
If this is what happens, then I’m glad that I set the user password immediately after installing the OS.
Posted 25 Jun 2007 at 7:19 pm ¶I think they leave the root password empty because they want to discourage people from logging in as root. (Mac OS X uses the same strategy.) They’re big believers in sudo, for security reasons — if you walk away from a sudo session, the password expires and root access goes away. (Unless you cheat, as per the name of this website, and enter “sudo su” to get a root shell.)
Being able to boot into single user mode as root without a password isn’t as big a security problem as it appears at first. Even assuming you blocked single user mode, an attacker could just boot from a live CD like the Ubuntu Desktop disk and then access everything on your hard drive.
The security rule of thumb is that if someone has physical access to a computer, the game is over. There’s nothing you can do that amounts to more than a speed bump. (Even encryption can be defeated if the attacker can install a keystroke logger and come back later.)
Posted 26 Jun 2007 at 9:15 pm ¶Post a Comment