Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Apple High Sierra Uses a Passwordless Root Account InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Apple High Sierra Uses a Passwordless Root Account

Published: 2017-11-28
Last Updated: 2017-11-29 11:10:52 UTC
by Xavier Mertens (Version: 1)
1 comment(s)

Today, a security researcher twitted[1] about a dangerous behaviour he found in the Apple High Sierra operating system: It is possible to get administrator rights (the "root" account on UNIX) by connecting without a password. I was able to reproduce this behaviour on my MacBook running the latest OS X version. It appears that OS X is delivered with a passwordless root account.

A quick fix is to create a password as soon as possible. Open a terminal and type the following command:

$ sudo passwd root

It's not clear if only High Sierra is affected or also older versions. We will update this post as soon as possible if required.

[1] https://twitter.com/lemiorhan/status/935578694541770752

Xavier Mertens (@xme)
ISC Handler - Freelance Security Consultant
PGP Key

1 comment(s)
Diary Archives