absurd MacOS High Sierra bug
James Bunnell
linuxmajic at gmail.com
Wed Nov 29 07:51:58 PST 2017
saw it coming, i'm in linux now, ran mac for 7 yrs, saw it was time
for a change again.
On Wed, Nov 29, 2017 at 10:03 AM, John Newman <jnn at synfin.org> wrote:
> https://it.slashdot.org/story/17/11/28/2135236/macos-high-sierra-bug-allows-login-as-root-with-no-password
>
>
> The title pretty much says it all - you can login as root with no
> password, or elevate to root privileges to make system changes with
> no password, on all the current MacOS High Sierra releases. There
> is a work around (I think you simply have to enable the root account,
> with a password), but man.. wtf !?
>
> It shouldn't affect sshd - PermitRootLogin defaults to no. However
> it does appear to affect VNC / Apple Remote Desktop connections.
> LOL! How does something like this get past QA ?
>
> --
> GPG fingerprint: 17FD 615A D20D AFE8 B3E4 C9D2 E324 20BE D47A 78C7
More information about the cypherpunks
mailing list