Technical Discussion
  >> Apple Issues


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | 5 | (show all)   Print Thread
Standard User billford
(elder) Tue 28-Nov-17 21:46:10
Print Post

High Sierra bug


[link to this post]
 
If other people have access to your computer you might like to take notice of this:
macOS High Sierra bug allows full admin access without a password


Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6
Standard User micksharpe
(legend) Wed 29-Nov-17 02:13:47
Print Post

Re: High Sierra bug


[re: billford] [link to this post]
 
"Think different."

'Sir, please,' she said ... 'Will you not share your wisdom with us?'
'I have no wisdom,' he told her.
'Your experiences, then?'
'They have been trivial, uninteresting, and full of error.'
Iain M. Banks -- Feersum Endjinn
Standard User billford
(elder) Wed 29-Nov-17 07:37:41
Print Post

Re: High Sierra bug


[re: micksharpe] [link to this post]
 
"Think."

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6


Register (or login) on our website and you will not see this ad.

Standard User micksharpe
(legend) Wed 29-Nov-17 07:48:21
Print Post

Re: High Sierra bug


[re: billford] [link to this post]
 
Caveat emptor? tongue

'Sir, please,' she said ... 'Will you not share your wisdom with us?'
'I have no wisdom,' he told her.
'Your experiences, then?'
'They have been trivial, uninteresting, and full of error.'
Iain M. Banks -- Feersum Endjinn
Standard User billford
(elder) Wed 29-Nov-17 07:58:43
Print Post

Re: High Sierra bug


[re: micksharpe] [link to this post]
 
Whilst not excusing Apple on this, I wonder how new the bug is.

I can remember at least some forms of Unix having this "feature" back in the days of thick Ethernet crazy

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6
Standard User TinyMongomery
(eat-sleep-adslguide) Wed 29-Nov-17 08:38:07
Print Post

Re: High Sierra bug


[re: billford] [link to this post]
 
It's nothing to do with the design of the OS, just a poor default configuration in the delivered product. Any OS could potentially have this bug (and I'm pretty sure that some Linux distributions do).

But it is quite a glaring oversight to ship a system with a blank, or default, root password.

--------------------------------------------------------------------------
A lie gets halfway around the world before the truth has a chance to get its pants on.
Standard User billford
(elder) Wed 29-Nov-17 09:04:17
Print Post

Re: High Sierra bug


[re: TinyMongomery] [link to this post]
 
In reply to a post by TinyMongomery:
It's nothing to do with the design of the OS, just a poor default configuration in the delivered product
Not sure I'd agree there- the login code should be in a loop which can only be broken out of by entering valid details.

On the Unix systems I remember it was simply the same code repeated three times- after that you just "dropped through" to the rest of the startup routine.

These days that would be very poor design, but in those days computer software was written by geeks for geeks, who were assumed to be trustworthy. The idea of computers all over the world being accessed by some spotty 14-yr old with a tablet in his bedroom wasn't even conceivable frown
But it is quite a glaring oversight to ship a system with a blank, or default, root password.
Yes. It should be a requirement during installation to set a root password.

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6
Standard User TinyMongomery
(eat-sleep-adslguide) Wed 29-Nov-17 11:17:43
Print Post

Re: High Sierra bug


[re: billford] [link to this post]
 
Username "root" with password "" is a perfectly valid input.

--------------------------------------------------------------------------
A lie gets halfway around the world before the truth has a chance to get its pants on.
Standard User billford
(elder) Wed 29-Nov-17 11:24:45
Print Post

Re: High Sierra bug


[re: TinyMongomery] [link to this post]
 
In reply to a post by TinyMongomery:
Username "root" with password "" is a perfectly valid input.
Matter of opinion. I don't consider null entries to be valid in either field.

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6
Standard User ian72
(eat-sleep-adslguide) Wed 29-Nov-17 11:26:21
Print Post

Re: High Sierra bug


[re: TinyMongomery] [link to this post]
 
Yes, but that then should only require Enter to be pressed once. The report says enter has to be pressed several times so there is something else going on, not just the missing password - looking at a video it rejects it first time but allows it on the second attempt, that is odd behaviour.
Pages in this thread: 1 | 2 | 3 | 4 | 5 | (show all)   Print Thread

Jump to