Wednesday, April 21, 2010

Defaults can be bad...

Ubuntu is one of the leading Linux distributions out in the world and drives the image of Linux among the masses and this image of Linux always has a sense of security to it. This feeling of being safe is mostly true but does have slight weaknesses to it, one of them being in Ubuntu itself.

A default installation of Ubuntu always comes with a many options for customization and control, one of them is the Recovery Mode. Adept Linux users would know where I am going with this but the reality of the fact is that even the most proficient zealots make this very small mistake. The Recovery Menu allows for a lot of customized tools to fix obvious issues but also provides an option to drop to a root shell!! FOR FREE!! Now I don't need to explain how dangerous that is. It's a free LPE (Local Privilege Escalation).

The fault just doesn't lie with Ubuntu itself, most distros allow the option but differently and just requires editing the grub config at bootup. It's just that Ubuntu makes it more readily available for skiddies.

The fault lies with both parties, the user and the distro makers configuring the distros. A simple 'password protect the bootloader' option at install time would be more than helpful to deter skiddies gaining root access to your comp if they have physical access to it.

A simple guide to protect the bootloader is available here, its a howto on Ubuntu Forums but can be applied to other distros as well.

http://ubuntuforums.org/showthread.php?t=7353


Always remember, the default settings aren't always best for you.