By default with Ubuntu the user can use grub to login with root privileges WITHOUT a password, which I don't feel comfortable with. This is how I password protected grub to prevent changing the boot process:
> grub
grub> md5crypt
Password: YOUR_PASSWORD
Encrypted: abcdef
grub> quit
Now copy the encrypted string into the start of the grub file:
> sudo vim /boot/grub/menu.lst
password --md5 abcdef
lock
After saving change the permissions to prevent other uses viewing the file:
> sudo chmod 600 /boot/grub/menu.lst
No comments:
Post a Comment