Apple’s latest version of their OSX (or macOS) operating system – High Sierra – has been found to have a serious vulnerability that allows anyone with access to the device to have full administrative access (“root”) without a password.
On any vulnerable device, you can log in as the root user without a password from the lock screen (or login screen). A software update to fix the problem is being prepared, but it would be very sensible to apply a fix in the short term.
To fix the problem, simply set a password for the root user; start a Terminal and from the command-line, run the following command :-
    sudo passwd root
    Password: {Enter your own password here}
    Changing password for root.
    New password: {Enter root's new password}
    Retype new password: {Enter it again}
You should probably store the new password for the root user in an appropriate password store (Keepass, or KeepassX), although you will probably never use it.
Links for further information :-
- Naked Security
- Apple: A gooey, but more complex method for fixing.
- And the official fix is now out (which is available in the App store).
- The Register
The vulnerability is an interesting one in a sense – in theory there is no need for the root user to have a password as it is not intended for direct use, but if the account accidentally becomes enabled then it becomes a dangerous (and easily exploitable) security hole. To be safe, Apple should not only have disabled the root user, but also generated a random password for that account.
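As an added example (not part of the original post), the script below does what the two points above describe: it classifies the state of the root account from what dscl reports, and it sets a random password rather than a human-chosen one. It assumes the macOS tools dscl(1) and dsenableroot(1); the dscl output strings it matches ("No such key" when root has no authenticator, ";DisabledUser;" when the account is disabled, "ShadowHash" when a password hash exists) and the sample record are assumptions constructed for illustration.

```shell
#!/bin/sh
# Defensive helper for the High Sierra passwordless-root issue.
# Assumes macOS: dscl(1) to read/set the root record, dsenableroot(1)
# to disable the account. The dscl strings matched below are assumptions.

# Generate a random 32-character password (letters and digits only).
gen_root_password() {
    LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 32
}

# Classify root's AuthenticationAuthority record from dscl's merged output.
#   nopass   - no authenticator at all (the state this bug relies on)
#   disabled - account explicitly disabled via Directory Utility
#   enabled  - a password hash is present
classify_root_auth() {
    case "$1" in
        *"No such key"*) echo nopass ;;
        *DisabledUser*)  echo disabled ;;
        *ShadowHash*)    echo enabled ;;
        *)               echo unknown ;;
    esac
}

# Read the live record on macOS; elsewhere return a constructed sample
# so the classifier can be exercised offline.
read_root_auth() {
    if [ "$(uname -s)" = Darwin ]; then
        dscl . -read /Users/root AuthenticationAuthority 2>&1
    else
        echo "No such key: AuthenticationAuthority"   # constructed sample
    fi
}

# Give root a random password (non-interactive equivalent of the
# "sudo passwd root" step above) and then disable the account, so a
# re-enabled root is never passwordless. macOS only; needs sudo.
# Prints the generated password once so it can go into a password store.
harden_root() {
    pw=$(gen_root_password)
    sudo dscl . -passwd /Users/root "$pw" && sudo dsenableroot -d
    echo "$pw"
}

# Report the current state; run harden_root manually if it says "nopass".
classify_root_auth "$(read_root_auth)"
```

On a Mac, "nopass" from the status line means the root account is still in the state the bug abuses and harden_root (or the passwd command above) should be run.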
The vulnerability can be exploited locally (with access to the keyboard) and in some instances remotely.