macOS High Sierra login flaw - root
-
@bbigford said in Apple login flaw - root:
Flaw in the login screen with the latest release. Simply typing in 'root' allows the user to login without entering a password. https://www.cnet.com/news/apple-flaw-allows-macos-high-sierra-logins-without-passwords/
Best part is, if the machine is logged in, this will bypass filevault.
-
@kelly said in macOS High Sierra login flaw - root:
@bbigford said in Apple login flaw - root:
Flaw in the login screen with the latest release. Simply typing in 'root' allows the user to login without entering a password. https://www.cnet.com/news/apple-flaw-allows-macos-high-sierra-logins-without-passwords/
Best part is, if the machine is logged in, this will bypass filevault.
Well of course, you're root at that point and get do do whatever you want.
rm -rf *.* -
@dustinb3403 said in macOS High Sierra login flaw - root:
@kelly said in macOS High Sierra login flaw - root:
@bbigford said in Apple login flaw - root:
Flaw in the login screen with the latest release. Simply typing in 'root' allows the user to login without entering a password. https://www.cnet.com/news/apple-flaw-allows-macos-high-sierra-logins-without-passwords/
Best part is, if the machine is logged in, this will bypass filevault.
Well of course, you're root at that point and get do do whatever you want.
rm -rf *.*If the computer is off, and then powered on the flaw cannot bypass filevault since the "disabled" root account doesn't have its own key to decrypt.
-
Obligatory: Macs don't get viruses
Obviously there's no need for a virus, when the front door doesn't lock -
Lemi Orhan let them know here:
https://twitter.com/lemiorhan/status/935578694541770752
Same here:
https://twitter.com/lemiorhan/status/935581020774117381Workaround is here:
https://github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/block_root_account_login -
Applied it on all the Macs we had at the office.
-
Today is a day of fail.
-
The quick fix is sudo pwd to change the root password to something non-blank. I assume apple with have a fix out quick.
-
Why is root enabled by default?
-
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
Because apple sucks ass?
-
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
Because apple sucks ass?
OK. Because that was the answer I was looking for :SMH
-
Check the app store for new updates. There's an update available to fix this one.
-
This post is deleted! -
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
Because apple sucks ass?
OK. Because that was the answer I was looking for :SMH
For as logical and well mannered as people here are, it is frustrating to even visit Mango and try to have a conversation as an Apple user.
-
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
It isn't the bug is doing a PW check against the disabled account, or is enabling this disabling the account for the check.
-
@s-hackleman said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
Because apple sucks ass?
OK. Because that was the answer I was looking for :SMH
seriously.... fuck crapple in their self righteous ass....
For as logical and well mannered as people, it is frustrating to even visit Mango and try to have a conversation as an Apple user.
Logical and well mannered apple users are the tiny minority.
-
@rojoloco said in macOS High Sierra login flaw - root:
@s-hackleman said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
Because apple sucks ass?
OK. Because that was the answer I was looking for :SMH
seriously.... fuck crapple in their self righteous ass....
For as logical and well mannered as people, it is frustrating to even visit Mango and try to have a conversation as an Apple user.
Logical and well mannered apple users are the tiny minority.
As are educated and logical places on the internet to have conversations about technology... so let's keep this one.
-
@s-hackleman said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@s-hackleman said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
Because apple sucks ass?
OK. Because that was the answer I was looking for :SMH
seriously.... fuck crapple in their self righteous ass....
For as logical and well mannered as people, it is frustrating to even visit Mango and try to have a conversation as an Apple user.
Logical and well mannered apple users are the tiny minority.
As are educated and logical places on the internet to have conversations about technology... so let's keep this one.
Educated and logical places on the internet are more prevalent than non-shitty apple users, soooo.........
-
@rojoloco said in macOS High Sierra login flaw - root:
@s-hackleman said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@s-hackleman said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
Because apple sucks ass?
OK. Because that was the answer I was looking for :SMH
seriously.... fuck crapple in their self righteous ass....
For as logical and well mannered as people, it is frustrating to even visit Mango and try to have a conversation as an Apple user.
Logical and well mannered apple users are the tiny minority.
As are educated and logical places on the internet to have conversations about technology... so let's keep this one.
Educated and logical places on the internet are more prevalent than non-shitty apple users, soooo.........
That could mean that both this place and non-shitty apple users are equally rare. Why you gotta be a douche-canoe?
-
@wls-itguy said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@s-hackleman said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@s-hackleman said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
@rojoloco said in macOS High Sierra login flaw - root:
@wls-itguy said in macOS High Sierra login flaw - root:
Why is root enabled by default?
Because apple sucks ass?
OK. Because that was the answer I was looking for :SMH
seriously.... fuck crapple in their self righteous ass....
For as logical and well mannered as people, it is frustrating to even visit Mango and try to have a conversation as an Apple user.
Logical and well mannered apple users are the tiny minority.
As are educated and logical places on the internet to have conversations about technology... so let's keep this one.
Educated and logical places on the internet are more prevalent than non-shitty apple users, soooo.........
That could mean that both this place and non-shitty apple users are equally rare. Why you gotta be a douche-canoe?
OMG, please let me roll over and submit my soft underbelly to the apple user base.... oh, wait.....
show me some non-douche canoe apple users, and I might agree.
