As is said above this is not that unusual for an OS. Boot CDs can get you into most systems, and Single user mode is available on multiple (most?) *nix Operating Systems.
Rule # 213: If a hacker has physical access to the machine and can set boot type the machine is effectively compromised. Windows, Linux, BSD, Mac, AIX.... It does not matter what OS it is.
Open firmware is your best bet, but even then it could be compromised with a little more effort I bet. (A disk swap to an otherwise identical machine or into a external drive casing comes to mind.)
You can always use crypto disk images for sensitive data. Then even w/ root access you won't get into those areas without a password. Just be sure to not lose the password. Having to brute force crack a password is no fun when it is properly complex.