Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Major macOS High Sierra Bug Allows Full Admin Access Without Password - How to Fix [Updated]
- Thread starter MacRumors
- Start date
- Sort by reaction score
A lot of heads will roll over this one. Let's remove MAC address access from iOS 11 and then enable "root" with null password access on macOS. What a total and complete FUBAR.
As an old-time Unix-head (who trusts himself not to use root lightly), I already had root enabled and password protected. On Macs, that has generally been discouraged, but this time, it was a clear advantage (over and above another option in case one gets into a really nasty jam and doesn't want to reload).
The Net movie comes to mind. Probably a gov backdoor because I doubt interns get to work on logins at Apple.
Unless your computer is set up to, umm, show a username / password box at initial login screen. Then no additional steps are needed, root / <blank> and you're in.
Yes, you can login as root without going first to the System Preferences. But you would have to have enabled "Display login window as: Name and password" beforehand. Which is actually a pretty common thing to do to improve security by not providing any potential attacker with a list of usernames to try.
But in that case, yeah. You can just enter "root" without any password.
All the engineers were pulled to work on iOS years ago. The 2 guys left to work on macOS are clearly not up to it.
I’m so sick and tired of dealing with tons of bugs that affect production and now this.
Pull your head out of your rump Apple and quit trying to release a new operating system every 12 months! You can’t keep up with that kind of pace. Please start doing things the Apple way and stop this crap!
Pull your head out of your rump Apple and quit trying to release a new operating system every 12 months! You can’t keep up with that kind of pace. Please start doing things the Apple way and stop this crap!
My 10.13.1 machine is APFS encrypted and the 10.13.2 beta 4 is APFS not encrypted.
I'm going to lock up my laptop until this catastrophe has passed.
All of my sensitive cat pics are backed up onto my iPhone X, and fortunately FaceID is impenetrable.
All of my sensitive cat pics are backed up onto my iPhone X, and fortunately FaceID is impenetrable.
It's mind-boggling that a bug this severe is now so widely deployed.
No wonder enterprise doesn't take Apple seriously. They can forget about making any inroads now. This has to be the most severe security laps in computing history (this isn't hyperbole: something like 50-100 million High Sierra Macs have ZERO security right now)
No wonder enterprise doesn't take Apple seriously. They can forget about making any inroads now. This has to be the most severe security laps in computing history (this isn't hyperbole: something like 50-100 million High Sierra Macs have ZERO security right now)
You cannot login as root / <blank>, even with it, umm, setup to show a username / pass box at initial login screen. It ONLY works AFTER you follow the instructions given by MacRumors.
Try it.
Disable the root account with "dsenableroot -d" in the terminal. Now try to login with root / <blank>. You cant get in, I already tried it.
Now follow the MacRumors instructions again. Try to login with root / <blank>. You can get in.
The login problem ONLY exists if you follow these instructions to enable the root account.
No. What you did was enable a password-less root account in System Preferences which you then used to log in from the main login screen. You can't start the process from the login screen, you need to start with an unlocked mac. One without a root account already set up with a password.
Apple is the richest company ON EARTH and yet they are clearly under-staffed in their software development / maintenance. How many billions (trillions?) do they need to have stashed in the Caymans before they start putting some of that back into their products?!?
I expect that they will have this patched tomorrow. This is the worst macOS vulnerability I've heard about in a long, long time.
It seems that the passwordless too login only works if an admin has "enabled" the root user by doing the System Preferences trick first.
Users at workplaces and schools are not likely admins.
EDIT: Got it working using a regular user now. Not good!
Last edited:
hi
I'm not so familiar with root access etc, so a question:
in this problem, why does it work only after a number of attempts? why would multiple attempts be needed?
what is the difference to the system between the 1st attempt and an additional attempt?
what is making it effective with multiple attempts?
thanks.
I'm not so familiar with root access etc, so a question:
in this problem, why does it work only after a number of attempts? why would multiple attempts be needed?
what is the difference to the system between the 1st attempt and an additional attempt?
what is making it effective with multiple attempts?
thanks.
Signed up to say the same thing, but it looks like you already clarified what's going on. Like Dragon, when I disable root, I can no longer log in as root even using the username / password box on the login screen. Reproduce the bug once in System Preferences and I can log in on first try every time.