# 'Insecure by Default'? Well, Yes and No...

Azerblog mentions that [Linux distros are insecure by default][1],
specifically that you can boot into single user mode by editing the
GRUB kernel line to get to a root shell.

Actually, this doesn't work without the existing root password on
Fedora, Debian, and Ubuntu (not sure about other Unices or Linux
distros). Just before entering single-user mode, you will get a
console message "Give root password for maintenance (or type
control-D for normal startup)". To actually get a minimal root shell
without a password, you need to [add init=/bin/bash to the 'kernel'
line in the GRUB edit shell][2].

You could also boot from a live CD, or just take out the hard drive
and mount it in another computer (all good methods of recovering a
lost root password, BTW). I guess the moral is that if a determined
cracker gets physical access to your server, they can pretty much do
what they want.

I suppose to make things very difficult, you could 1) enable the
system's BIOS password, 2) enable the [GRUB password][3], and 3) use
encrypted swap and filesystems. All of these would be a real pain if
you don't have remote console on a CoLo'd or hosted server, since
you would need someone physically present every time the server
rebooted or lost power. I imagine that's why many of these security
measures are not enabled by default.

[1]: http://azerthoth.blogspot.com/2007/10/insecure-by-default.html
[2]: https://web.archive.org/web/20080224143204/http://www.securitypronews.com/it/operatingsystems/spn-22-20040209LostRootPasswordLinux.html
[3]: http://www.gnu.org/software/grub/manual/html_node/Security.html
.