* Posts by richard0x4a

1 post • joined 29 Nov 2017

Pro tip: You can log into macOS High Sierra as root with no password

richard0x4a
FAIL

Apple's guidance not quite correct - do not disable the root user!

Apple's guidance isn't quite correct. They say "you should disable the root user after completing your task". However, if you set a root password, then disable the root user, it resets the password back to blank and reintroduces the vulnerability.

You need to set a root password, then make sure you leave the root account enabled. Only then do you defeat the vulnerability.

2
0

Forums

Biting the hand that feeds IT © 1998–2018