undefined | Better HN

0 pointsCrendKing8y ago0 comments

This bug exists regardless of user reproducing it or not. If there is anything good, reproducing it actually brings awareness to the user (make them change the password maybe). Hacker will "enable" the root user anyway.

What should be done is that Apple releases fix to this problem.

0 comments

Jedd8y ago

Not the case.

Once you enable root access - by 'testing' this - others can remotely & silently access the system as root.

GP is right - don't encourage people to test this, as there's nothing to gain from it. If you're on a shared machine you need to mitigate. If you're on your own dedicated machine you need to not share it until this is fixed.

4 more replies

devindotcom8y ago

Yeah that was my thought initially too but there may be invisible ways to leverage an existing root user that we're not aware of. After all, this bug exists...

1 more reply

arghwhat8y ago

This vulnerability lets users activate the root user without using their password.

Once done, you have opened for root without password globally. That's bad.

What they should do, as responsible disclosure dictates, is report it in secret to apple, and at most publicize a workaround (activate root user, set password) without reporting the details of the vulnerability.

EDIT: It does not appear to be limited to admin users. It appears to be related to disabled root accounts of older origin, such as through upgrades. I cannot reproduce on a fresh High Sierra install, but I reproduced on an upgraded install.

3 more replies

j / k navigate · click thread line to collapse