A very important bug has been found in mintAssistant 2.4 which was released as part of Linux Mint 5 Elyssa.
When the root password is not set the root account is still active, and rather than this consequently preventing any root login, it actually means you can login as root without any password at all.
This regression is due to a change in behavior in passwd from Gutsy to Hardy and a request from the community after RC1 was released not to lock the root account (so that “sudo su -” is still possible).
- A fix has been released in mintAssistant 2.5. When you select not to use the root password, the root account is now given a randomly generated password.
- The ISO images for both the Main and Light Editions will be rebuilt to include this fix.
What you need to do
- Upgrade mintAssistant to version 2.5.
- Launch mintAssistant and choose whether you want to set a root password or not. If you choose not to, a random password will be assigned for you.