cancel
Showing results for 
Search instead for 
Did you mean: 

macOS Bug Allows Root Access Without Password

DaveyH
Seasoned Pro
Posts: 1,320
Thanks: 192
Fixes: 7
Registered: 15-11-2012

macOS Bug Allows Root Access Without Password

13 REPLIES
Community Veteran
Posts: 3,056
Thanks: 196
Fixes: 3
Registered: 05-04-2007

Re: macOS Bug Allows Root Access Without Password

It's in the news now.

MacOS is based on UNIX, and root is the admin account. So they've overlooked the fact you can log in as admin with no password. Ooohh dear Roll eyes

Sure that will be patched pretty quickly.

EDIT: Now it is made public hopefully pretty soon before the writers/malware writers take advantage of it. I haven't updated my Mac software for a while but I guess I should soon.

JayG
Aspiring Pro
Posts: 878
Thanks: 48
Fixes: 1
Registered: 30-10-2011

Re: macOS Bug Allows Root Access Without Password

Registering, logging on, authentication, verification and so on can be sooo time consuming and irritating - congratulations to Apple for showing just how easy it can be (for everyone!) Cheesy

DaveyH
Seasoned Pro
Posts: 1,320
Thanks: 192
Fixes: 7
Registered: 15-11-2012

Re: macOS Bug Allows Root Access Without Password

VileReynard
Seasoned Pro
Posts: 10,649
Thanks: 206
Fixes: 9
Registered: 01-09-2007

Re: macOS Bug Allows Root Access Without Password

Based on the premise that Apple borrowed Unix code;

What happens if a non-admin user enters

sudo passwd root

(and then enters a very weak password)?

Infinity
Pro
Posts: 5,630
Thanks: 156
Fixes: 2
Registered: 19-06-2011

Re: macOS Bug Allows Root Access Without Password

DaveyH
Seasoned Pro
Posts: 1,320
Thanks: 192
Fixes: 7
Registered: 15-11-2012

Re: macOS Bug Allows Root Access Without Password

They managed to introduce a bug that broke file sharing with that fix, so have had to release a revised version of the patch Crazy2

https://www.macrumors.com/2017/11/29/apple-macos-high-sierra-file-sharing-fix/

VileReynard
Seasoned Pro
Posts: 10,649
Thanks: 206
Fixes: 9
Registered: 01-09-2007

Re: macOS Bug Allows Root Access Without Password

Has the fix to the fix broken anything?

Have Apple heard of QA?

Infinity
Pro
Posts: 5,630
Thanks: 156
Fixes: 2
Registered: 19-06-2011

Re: macOS Bug Allows Root Access Without Password


DaveyH wrote:

They managed to introduce a bug that broke file sharing with that fix, so have had to release a revised version of the patch Crazy2

https://www.macrumors.com/2017/11/29/apple-macos-high-sierra-file-sharing-fix/


The fix for the fix !!!

Thus:

  1. Open the Terminal app, which is in the Utilities folder of your Applications folder.
  2. Type sudo /usr/libexec/configureLocalKDC and press Return.
  3. Enter your administrator password and press Return.
  4. Quit the Terminal app.
Infinity
Pro
Posts: 5,630
Thanks: 156
Fixes: 2
Registered: 19-06-2011

Re: macOS Bug Allows Root Access Without Password

Apple moved quickly to address the issue, releasing a patch in less than 24 hours and automatically pushing it to users' Macs, although the initial update for the fix also broke file sharing for some users.

 

Apple shared instructions on how to fix that issue, and it appears the security update has been revised to prevent that problem from happening in the first place.

Infinity
Pro
Posts: 5,630
Thanks: 156
Fixes: 2
Registered: 19-06-2011

Re: macOS Bug Allows Root Access Without Password

Even though I manually installed the Security Update earlier, overnight Apple automatically also installed the update, so presumably also to all Apple users....

 

APPLE UPDATE.jpg

RPMozley
Aspiring Pro
Posts: 1,085
Thanks: 24
Fixes: 3
Registered: 04-11-2011

Re: macOS Bug Allows Root Access Without Password

Not all, only those on High Sierra, but I know what you mean.

Just as well I haven't updated passed Mavericks, on external drive. My main drive is still on Snow Leopard, mainly to keep compatibility with old applications and Rosetta PPC emulation.
Infinity
Pro
Posts: 5,630
Thanks: 156
Fixes: 2
Registered: 19-06-2011

Re: macOS Bug Allows Root Access Without Password


RPMozley wrote:
Not all, only those on High Sierra, but I know what you mean.


 

 

I'm glad someone does !!

Community Veteran
Posts: 3,056
Thanks: 196
Fixes: 3
Registered: 05-04-2007

Re: macOS Bug Allows Root Access Without Password

Reminds me of my old company.

We had local SQL Servers and the 'sa' account (admin account for people who don't know SQL Tongue), was blank.

A virus got round the network and was using that exploit to spread. So we had to set passwords on sa.

I this was was before the SP xp_cmdshell was restricted and now disabled by default. But basically it allowed an executable to be run.

So obviously, dump a dodgy .exe somewhere, login in as sa (blank) xp_cmdshell dodgy.exe Roll eyes