Apple High Sierra Uses a Passwordless Root Account
Today, a security researcher twitted[1] about a dangerous behaviour he found in the Apple High Sierra operating system: It is possible to get administrator rights (the "root" account on UNIX) by connecting without a password. I was able to reproduce this behaviour on my MacBook running the latest OS X version. It appears that OS X is delivered with a passwordless root account.
A quick fix is to create a password as soon as possible. Open a terminal and type the following command:
$ sudo passwd root
It's not clear if only High Sierra is affected or also older versions. We will update this post as soon as possible if required.
Xavier Mertens (@xme)
ISC Handler - Freelance Security Consultant
My next class:
Reverse-Engineering Malware: Malware Analysis Tools and Techniques | Online | Australia Eastern Daylight Time | Mar 31st - Apr 5th 2025 |
Diary Archives
Nov 29th 2017
7 years ago