No, part of the whole issue was that it enables the root account even when you had it disabled.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
State of MacOS in light of the root password bug
- Thread starter parseckadet
- Start date
- Sort by reaction score
No, part of the whole issue was that it enables the root account even when you had it disabled.
So the status is one dangerous exploit discovered that was patched before any known wild exploits occurred. Individual issues will always come to light, you would have to take the number of issues arising over a period to compare it with anything else and in that regard Mac OS comes out very well. Not perfect but very well IMHO.
Hah, perhaps. But this is an edge case, it would never be part of the QA teams normal test matrix. The odds of this exact bug happening again are very slim, so it makes little sense to add this (and all similar edge cases) as a standard test. It's something that really needs to be caught in code reviews and/or unit tests by the dev team.
Finally Tim gets to test the Spaceship’s Eject button. He enters an employee ID and destination, which immediately beams the target either to the most shark infested corner of the bay, or to Redmond, WA if the employee’s transgression was egregious enough.
This misses the point that Apple's sales pitch - and price point - is based partly on their claim that it's more secure than competitors. So when they leave a back door wide open like this, it's properly news.
If they were selling products that were priced equivalently to their Windows counterparts (i.e. half the price), then they'd have the luxury of claiming that "stuff happens". We pay extra so that stuff like this doesn't happen.