[Ubuntu 14.04 on 2014 Retina MacBook Pro 15" using rEFInd]
(ThomasW's Why is everybody so concerned about etc/passwd? link addresses my initial comments about accessibility to passwd and other files, so I've removed my comments here.) Though I still believe in the principle of denying information to the potential attackers.
Whilst trying to fix a Unity GUI issue which has rendered my account unusable, I've found what I believe is a much bigger issue!
I booted into 'Single User Mode' thinking that I would be able to log into a TTY terminal and fix things through it. But the boot process paused at:
usbhid 1-8.1:1.0: can't add hid device: -71
usbhid 1-8.2:1.0: can't add hid device: -71
So I switched to TTY (Ctrl-Alt-F7) and since it was showing a cursor, I pressed Enter. I now found myself with the root user prompt in root's home directory. I wasn't asked for a password!
I created a new user, added them to the sudo group, and:
- when I used the exit command, a few more boot steps were performed (last of which was * Restoring resolver state... and it stopped. So I returned to TTY F1 and now had a login prompt. (I tried to login as root with no password and, as would be expected, I failed. The root account is disabled as per default)
- when I used the reboot command, the boot up sequence continued until the login splash screen, and then a reboot was triggered.
(I thought you could only do this sort of thing by using a Live USB and chrooting to the fixed drive.)
This has been convenient for the current problem I'm trying to fix, but I don't think this is desirable in any other circumstance.
I've repeated these steps a few times whilst writing this post, so it's definitely repeatable.
