Bounty Ended with Roger Lipscombe's answer chosen by cxrodgers
Bounty Started worth 50 reputation by cxrodgers
added 204 characters in body
cxrodgers

I did a fresh install of Linux Mint 18.1 and created a single user named "jack" with PASSWORD1 as the password. Later, I changed the password (using the "Users and Groups" graphical dialog) to PASSWORD2. Both logging in and using sudo now require PASSWORD2, as expected.

However, PASSWORD1 is still the password for the account root. I can tell because su - and su - root reject PASSWORD2 but accept PASSWORD1.

Isn't this a security flaw? Why did the root account silently copy my user password in the first place? If I knew my password was compromised and changed it, I wouldn't think to check that the root account was still using the compromised password.

In fact, I thought the root account was disabled on Linux Mint by default. See this question for instance: https://superuser.com/questions/323317/why-does-linux-ubuntu-mint-lack-a-root-account

Any reason not to disable the root account using sudo passwd -l root? Why wasn't this done by default?

Edits

@terdon I am fairly sure that I never ran sudo passwd or even plain passwd on this operating system.

@Mark I checked and the only thing that comes back doesn't look relevant.

    jack@gamma /var/log $ ls auth.log*
    auth.log  auth.log.1  auth.log.2.gz  auth.log.3.gz  auth.log.4.gz
    jack@gamma /var/log $ zgrep passwd auth.log*
    auth.log.2.gz:Mar 9 17:56:07 gamma mdm[1695]: pam_succeed_if(mdm:auth): requirement "user ingroup nopasswdlogin" not met by user "jack"
    jack@gamma /var/log $ zgrep "password changed" auth.log*
    # nothing returned

Edit: I have filed a bug report with Linux Mint https://bugs.launchpad.net/linuxmint/+bug/1675575

Now that @Roger Lipscombe has confirmed this issue, I am going to add a bounty to the question.
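The check a defender would run after any password change on a box like this, added here as an example and not part of the question or of Linux Mint's own tooling: it reads an account's entry in /etc/shadow and reports whether root still carries a usable password, is locked by `passwd -l` (a leading `!`), has no valid hash (`*`), or has an empty password. The sample shadow lines are constructed with placeholder hashes, and `shadow_status` is a helper name chosen for this example.

```shell
#!/bin/sh
# Added example: classify an account's password state from /etc/shadow.
# Run against the live file with:  shadow_status root "$(sudo cat /etc/shadow)"

# Constructed sample data in /etc/shadow format; the hashes are placeholders,
# not real crypt(3) output.
SAMPLE_SHADOW='root:$6$SALTSALT$PLACEHOLDERHASH:17234:0:99999:7:::
jack:$6$OTHERSALT$ANOTHERPLACEHOLDER:17250:0:99999:7:::
locked:!$6$SALTSALT$PLACEHOLDERHASH:17234:0:99999:7:::
nologin:*:17234:0:99999:7:::
empty::17234:0:99999:7:::'

# shadow_status USER SHADOW_TEXT
# Prints one word describing field 2 of USER's line:
#   usable    a hash is set; the account authenticates with that password
#   locked    hash prefixed with "!" (what "passwd -l" does); will not authenticate
#   disabled  field is "*": no valid hash was ever set
#   empty     no password at all, which is the worst case
#   missing   USER has no line (returns 1)
shadow_status() {
    user=$1
    text=$2
    line=$(printf '%s\n' "$text" | grep "^${user}:")
    [ -n "$line" ] || { echo missing; return 1; }
    field=$(printf '%s\n' "$line" | cut -d: -f2)
    case "$field" in
        '')   echo empty ;;
        '!'*) echo locked ;;
        '*')  echo disabled ;;
        *)    echo usable ;;
    esac
}

# Convenience wrapper: "usable" on root after a fresh install is the condition
# the question describes, and the one "sudo passwd -l root" turns into "locked".
root_has_usable_password() {
    [ "$(shadow_status root "$1")" = usable ]
}
```

On the question's Mint install, `root_has_usable_password "$(sudo cat /etc/shadow)"` would succeed before `sudo passwd -l root` and fail after it.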

Tweeted twitter.com/StackUnix/status/846397628808118272
responding to user requests
Why is the root password on Linux Mint my user password?