undefined | Better HN

0 pointsdevindotcom8y ago0 comments

Yeah that was my thought initially too but there may be invisible ways to leverage an existing root user that we're not aware of. After all, this bug exists...

0 comments

stingraycharles8y ago

The issue is that the bug leaves a password-less root account available through other means as well. Once you try to reproduce the bug, an attacker could potentially do a remote root login without password.

As such, it's very dangerous for people to try to verify and should be strongly discouraged.

jldugger8y ago

On most systems, root without password isn't available remotely. Is this not true on OSX?

jldugger8y ago

Apparently, High Sierra has a 'feature' that updates hashes to a new format on login, and consequently publishes a hash where there was none before. Which pretty much disables the 'no hash, no login' policies. Ooops. Donno if that's unique to the GUI, or if a simple 'sudo su -' would also trigger, as I don't own a mac.

mcintyre19948y ago

If you have remote login enabled does root/no password not work already because of the bug? It apparently does from the login screen if you have username/password mode on, so I wouldn't be surprised if it worked over remote login by default.

djrogers8y ago

Does not work via ssh or screen sharing based on my testing here. Seems to require physical access to the machine.

1 more reply

pilsetnieks8y ago

No, it doesn't work for remote login.

j / k navigate · click thread line to collapse

0 comments

stingraycharles8y ago

As such, it's very dangerous for people to try to verify and should be strongly discouraged.

jldugger8y ago

On most systems, root without password isn't available remotely. Is this not true on OSX?

jldugger8y ago

mcintyre19948y ago

djrogers8y ago

Does not work via ssh or screen sharing based on my testing here. Seems to require physical access to the machine.

1 more reply

pilsetnieks8y ago

No, it doesn't work for remote login.

j / k navigate · click thread line to collapse