On Wed, 2010-09-22 at 08:56 -0500, Bruno Wolff III wrote:
The assumption that the person potentially getting root is able to boot the system is not be correct in all use cases.
On a live image with an encrypted, persistent /home, you could in theory let someone else use the image after it was booted. (Who wouldn't be able to get /home mounted on their own.) They might not even being physically present at the machine the image is running on.
I think we work on the basis that this is not at all the typical use case for a live image, and that if you were doing that, you'd probably know you should set a root password. Why would you do that, btw?