Srodne teme
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

Apple MacOS High Sierra root privileges

[es] :: Advocacy :: Apple MacOS High Sierra root privileges

[ Pregleda: 1516 | Odgovora: 3 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

Texas Instruments

Član broj: 227540
Poruke: 272
185.5.123.*



+61 Profil

icon Apple MacOS High Sierra root privileges29.11.2017. u 13:32 - pre 77 meseci
Ovi polako prevazilaze sebe. Dovoljno je samo ukucati root kao username i bez šifre se ulogovati. Ako iz prve ne proradi, to znači da će aktivirati root korisnika i na drugi klik upadate bez problema. :)

Citat:

There’s a major flaw in Apple’s macOS High Sierra operating system that allows anyone with physical access to a Mac to gain system administrator access without so much as entering a password. Late Tuesday, Apple confirmed that it’s working on a software update to fix the issue and published step-by-step instructions to help customers protect their machines in the meantime.

The vulnerability was publicly disclosed on Twitter this afternoon; it’s not clear whether the problem was privately reported to Apple ahead of time, which is the encouraged practice when security vulnerabilities are uncovered. (The company maintains an invite-only bug bounty program.) Despite its incredibly alarming simplicity, The Verge is not reproducing the steps to bypass High Sierra’s login screen here. It does not affect Sierra or other previous macOS versions.

However, The Verge has been able to confirm the major security issue remains present as of MacOS 10.13.1, the current release of High Sierra. When the problem is exploited, the user is authenticated into a “System Administrator” account and is given full ability to view files and even reset or change passwords for pre-existing users on that machine. Apple ID email addresses tied to users on the Mac can be removed and altered, as well. There are likely many more ways that someone taking advantage of the issue could wreak havoc on a Mac desktop or laptop.


The level of unbridled access this security hole permits — and it abruptly being made public — will almost certainly prompt Apple to move fast in releasing an update for its Mac operating system. The company hasn’t yet provided a release timeframe for that update.

Until that happens, the best way to protect your Mac against the issue reported today is by ensuring that you’ve set a root password. To do that, go to System Preferences > Users & Groups > Login Options > Join > Open Directory Utility > Edit pulldown menu. Enable the Root User if you haven’t already and then choose Change Root Password. (Thanks, dyavuz!)


https://www.theverge.com/2017/...ritical-password-security-flaw
 
Odgovor na temu

flighter_022
L2 Applications Administrator
NS

Moderator
Član broj: 18499
Poruke: 735
*.static.isp.telekom.rs.

ICQ: 23089150


+232 Profil

icon Re: Apple MacOS High Sierra root privileges30.11.2017. u 09:47 - pre 77 meseci
Neko iz development-a je zaboravio da odkomentariše par linija koda pre deployment-a :D

[Ovu poruku je menjao flighter_022 dana 04.12.2017. u 12:30 GMT+1]
 
Odgovor na temu

maksvel

Član broj: 107376
Poruke: 2417

Jabber: maksvel
Sajt: maksvel.in.rs


+161 Profil

icon Re: Apple MacOS High Sierra root privileges01.12.2017. u 09:34 - pre 76 meseci
Windows XP 2001, rimejk
 
Odgovor na temu

Zoran Milovanovic

Član broj: 45186
Poruke: 1206
*.exe-net.net.



+159 Profil

icon Re: Apple MacOS High Sierra root privileges01.12.2017. u 10:04 - pre 76 meseci
Mislis Windows 95?
 
Odgovor na temu

[es] :: Advocacy :: Apple MacOS High Sierra root privileges

[ Pregleda: 1516 | Odgovora: 3 ] > FB > Twit

Postavi temu Odgovori

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.