
Confirming this works, both from preferences, as well as from the main login screen.

It seems like root has no password by default. Setting one is enough to close the hole. This is unbelievable!

Curious to see what's in /var/db/dslocal/nodes/Default/users/root.plist before trying this.



These are the contents of the file, after converting them from binary plist to plain xml: https://gist.github.com/shoghicp/2b529b54b9d70daf192b68e3564...


Ah, there's no ShadowHashData or KerberosKeys nodes. Presumably the code creating that plist is not aware that later on it's going to be accessed thru layers of other software and end up as a usable login. To quote Shrek: "Software is like an onion".
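An audit check for the condition described in the comment above, added here as an example and not taken from the thread or from Apple: it parses a dslocal user record (binary or XML plist) and reports whether the ShadowHashData and KerberosKeys nodes are present. The record layout (each key mapping to an array of values) and both sample records are assumptions constructed for illustration.

```python
import plistlib

# Credential-bearing nodes named in the comment above.
CREDENTIAL_KEYS = ("ShadowHashData", "KerberosKeys")


def audit_user_record(plist_bytes):
    """Report which credential nodes a user record carries.

    Assumes the dslocal layout where every key maps to an array of values.
    plistlib.loads() auto-detects binary and XML plists, so no conversion
    step is needed before auditing.
    """
    record = plistlib.loads(plist_bytes)

    def first(key):
        values = record.get(key) or []
        return values[0] if values else None

    # An absent key and an empty array are both treated as "missing".
    present = [k for k in CREDENTIAL_KEYS if record.get(k)]
    return {
        "name": first("name"),
        "uid": first("uid"),
        "present": present,
        "missing": [k for k in CREDENTIAL_KEYS if k not in present],
        "no_credentials": not present,
    }


# Constructed sample: a root record with no credential nodes (binary plist).
ROOT_SAMPLE = plistlib.dumps(
    {"name": ["root"], "uid": ["0"], "passwd": ["*"], "shell": ["/bin/sh"]},
    fmt=plistlib.FMT_BINARY,
)

# Constructed sample: an account with a (placeholder) ShadowHashData node.
USER_SAMPLE = plistlib.dumps(
    {"name": ["alice"], "uid": ["501"], "passwd": ["********"],
     "ShadowHashData": [b"constructed-placeholder-not-a-real-hash"]},
    fmt=plistlib.FMT_XML,
)

if __name__ == "__main__":
    for sample in (ROOT_SAMPLE, USER_SAMPLE):
        result = audit_user_record(sample)
        state = "NO CREDENTIAL NODES" if result["no_credentials"] else "ok"
        print(f'{result["name"]} (uid {result["uid"]}): {state}, '
              f'missing={result["missing"]}')
```
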



