we should set a grub password by default

Bug #114838 reported by shaggy
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| grub (Ubuntu) | Invalid | Undecided | Unassigned | |

Bug Description

Binary package hint: grub

Hello Ubuntu developers!

I propose that during grub setup/configuration the grub password in menu.lst is activated by default. Please let me explain why.

With the actual Ubuntu default settings anyone can easily gather root-privileges by rebooting and pressing e to enter edit mode in grub and add an init=/bin/bash kernel option. He can go on and do everything then.
To establish a secure system with today's Ubuntu versions one would have to:
1) decide what requirements on protecting direct hardware modifications must be established
2) set up the hard disk as the only boot-device, and protect this BIOS setting with a password
3) set up a Grub password to prevent boot-option modifications

#1 and #2 are totally out of the operating system's focus, but #3 is something I'd like to talk about.

To prevent these unauthorized boot-modifications gaining root-access, grub contains a password command line in menu.lst including a --md5 option. If we set this password and don't change anything different in menu.lst, the only thing that changes is: grub options cannot be modified and Grub's command line cannot be opened to do different things.
The chosen Grub password can be user defined during installation or a randomly generated password; choosing an empty password deactivates Grub's password option.
Then, assuming someone cared for #1 and #2, Grub's menu.lst can only be modified from the booted computer by an authenticated user.

I think this is a little change most Ubuntu users won't even notice because they just use the grub manager to boot from the menu list, which will continue to work flawlessly.

I think this "bug" is critical, because it's nearly as simple as pressing a key during boot to gain root access. Most people I tell this did not know it's so easy to compromise their Linux system, which they installed because they thought it's more secure than the "other os". Well it could be.
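
The check below is an added example, not part of the original bug report or of GRUB: it parses a GRUB legacy menu.lst and reports whether the global password line described in the report is active and uses --md5. The sample file contents, the placeholder hash and the function name `audit_menu_lst` are constructed for illustration.

```python
import re

# Constructed sample files; the hash is a placeholder, not real grub-md5-crypt output.
UNPROTECTED = """\
default 0
timeout 3
# password topsecret

title Ubuntu
root (hd0,0)
kernel /boot/vmlinuz root=/dev/sda1 ro quiet splash
"""
PROTECTED = UNPROTECTED.replace(
    "# password topsecret", "password --md5 $1$PLACEHOLDER$PLACEHOLDERHASH")


def audit_menu_lst(text):
    """Return a list of findings for a GRUB legacy menu.lst given as a string."""
    password_args = None   # arguments of the global password line, if any
    seen_title = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue       # a commented-out password line has no effect
        fields = re.split(r"[\s=]+", line, maxsplit=1)
        command = fields[0].lower()
        if command == "title":
            seen_title = True
        elif command == "password" and not seen_title:
            # A password line inside a title block only guards that entry,
            # so only one before the first title counts as the global lock.
            password_args = fields[1].split() if len(fields) > 1 else []
    findings = []
    if not password_args or password_args == ["--md5"]:
        findings.append("no global password: entries can be edited at boot")
    elif password_args[0] != "--md5":
        findings.append("password is stored in clear text: use --md5")
    return findings


if __name__ == "__main__":
    for name, text in (("unprotected", UNPROTECTED), ("protected", PROTECTED)):
        print(name, audit_menu_lst(text) or "ok")
```
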

Jérôme Guelfucci (jerome-guelfucci-deactivatedaccount) wrote:

Thanks for your suggestion. However, the changes you are requesting aren't really a bug and require more discussion, which should be done on an appropriate mailing list (https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss should be the right one) or forum. <http://www.ubuntu.com/community/forums/> might be a good start. Feel free to reopen this bug.

Changed in grub:
status: Unconfirmed → Rejected
This report contains Public Security information  
Everyone can see this security related information.
