Pro tip: You can log into macOS High Sierra as root with no password

This form is for Science and Tech topics.

Note: Anyone can read this forum, only registered users may post or reply to messages.
Post Reply
RichardMIT
Posts: 21
Joined: Thu Mar 09, 2017 3:57 pm

Pro tip: You can log into macOS High Sierra as root with no password

Post by RichardMIT » Wed Nov 29, 2017 6:47 am

I keep having people tell me how much better and more secure apple is than everything else and how they do not need all the security measures that all the other groups need.

Um. You might want to rethink that logic.

This huge hole was found recently. Who knows how many others there are.

Keep in mind you not only have hackers trying to get into systems but also most governments that want easy access to the systems. It would not surprise me a bit if at some point it is discovered that a government mole was 'helping' with the code to sneak this 'flaw' in. Since it does seem like one has to do a little 'dance' to get the admin door to open.


Copied from:
https://www.theregister.co.uk/2017/11/2 ... gh_sierra/


Pro tip: You can log into macOS High Sierra as root with no password

Apple, this is Windows 95 bad – but there is a workaround to kill the bug


By Shaun Nichols
28 Nov 2017

A trivial-to-exploit flaw in macOS High Sierra, aka macOS 10.13, allows users to gain admin rights, or log in as root, without a password.

The security bug can be triggered via the authentication dialog box in Apple's operating system, which prompts you for an administrator's username and password when you need to do stuff like configure privacy and network settings.

If you type in "root" as the username, leave the password box blank, hit "enter" and then click on unlock a few times, the prompt disappears and, congrats, you now have admin rights. You can do this from the user login screen, too.

The vulnerability effectively allows someone with physical access to the machine to log in, cause extra mischief, install malware, and so on. You should not leave your vulnerable Mac unattended, nor allow remote desktop access, until you can fix the problem.

And while obviously this situation is not the end of the world – it's certainly far from a true remote hole or a disk decryption technique – it's just really, really sad to see megabucks Apple drop the ball like this.

Developer Lemi Orhan Ergan alerted the wider world to the flaw via Twitter in the past hour or so. The security hole was also quietly discussed on Apple's developer forums two weeks ago, but virtually no one seemed to notice.

pokerguy
Posts: 38
Joined: Wed Jun 10, 2015 10:45 am

Re: Pro tip: You can log into macOS High Sierra as root with no password

Post by pokerguy » Wed Nov 29, 2017 8:00 am

thanks for the post Richard.

However a bright side to the issues apple is having is that there are some fairly easy fixes in addition to a patch coming out semi soon.

The simplest solution is suppose to be simply enabling the root account and setting the root password.

see:
https://support.apple.com/en-us/HT204012

for instructions.

However, based on some user comments, it sounds like setting the password will fix 95% of the issues.
It seems there might still be a way to 'tap dance' around the 'fix' so personally I would suggest making sure remote login is disabled, the root password is set, and just as soon as the security patch comes out install it.

However. if your 'paranoid' statement about the possibility of a government mole or mole(s) helping with the back door security issue turns out to be true there may be other openings to worry about even with the security patches.

Of course adding to your paranoia . . . One of our friends was showing me some truly scary stuff that one government is really doing. Honestly when the 'openings' are built into the firmware of some of the system boards/cards/add-on parts I really don't know how we are going to protect any system.

How are they doing that you ask? The government of the country the parts are manufactured owns (well a corporation own by the government) owns the manufacturing plant and development center. Pretty easy to install and hide anything they want at that point.

Even if someone catches the security problem who are they going to report it to? The government?

Post Reply