You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
You need to either set a root password, don't let your Mac out of your sight (although you probably take it to bad n that), or patch when the patch is out. If you don't know what the root account is it's like an account for God, Jesus, Allah and Darth Vader combined.
https://www.theregister.co.uk/2017/11/28/root_access_bypass_macos_high_sierra/
Apologies if it's already been posted but it's not on page 1 or 2 and I'd expect continued debate not least from the anti-<insert favourite OS here>-brigade.
I'd expect continued debate not least from the anti-<insert favourite OS here>-brigade.
All OSs have serious security bugs from time to time, even OpenBSD, however this is probably one of the worst **** ups I've ever heard of in OS security.
I saw it on the BBC site and couldn't believe that the root account was left open.
I read somewhere that the root account doesn't necessarily exist until you try to log in to it. Then it helpfully creates one for you, with no pwd 😆
Glad I haven't gone to High Sierra yet! Usually leave any OS upgrades to at least x.2 but with Sierra I left it a lot longer than that. Probably will do for this one too...
It just works, apart from when it f's up! 😆
Just like another other os really! Though I do wish windows would implement expose and proper drag and drop..
Glad I haven't gone to High Sierra yet!
I thought it was all Mac OSes, not just HS. Maybe miss heard it on the radio..
Though I do wish windows would implement expose and proper drag and drop..
❓
expose, hot corners(show desktop, show all window, show application windows), and being able to grab a file, hit the corner and drop it in to some other program or what not, whether on the dock or in the window or between desktop. Windows doesn't work do great that way, spring loaded folders would be great too. Mean you can navigate fairly extensively just with the flick of a mouse.
I've got a thing for windows 10 that gives me a hot corner for desktop and all windows (just the new task view and desktops browser), but it's a pale imitation, and you can't drag and drop.
It's the bestest thing in the world about OSX. 😆 has been since it was introduced in 10.3(I think.)
What ar the ramifications if any for disabling root user - thinking in the context of home use machine.
What ar the ramifications if any for disabling root user - thinking in the context of home use machine.
Not a lot. I'm not doing anything about our Macs at home...
I thought it was all Mac OSes
I think it is. I've certainly come across back door means of getting into macs with earlier OSs. Doesn't stop me owning and using them though.
letmetalktomark - Member
What ar the ramifications if any for disabling root user - thinking in the context of home use machine.
Don't disable it, just set a password for it.
Funnily enough one "workaround" I saw on t'internet today suggests disabling the Guest account. When I upgraded to High Sierra my Guest account got disabled anyway, which makes me wonder if Apple were already aware of this.
physical access? OS on a USB key and nothing is secure use an openfirmware password lock if you are worried.
I thought it was all Mac OSes, not just HS. Maybe miss heard it on the radio..
Just HS according to Macrumors: https://www.macrumors.com/2017/11/29/apple-fixes-root-password-bug-security-update/
how can I stop this godawful OS from asking me if I want to install high sierra every day? there's not even a close window option on the dialogue.
Just updated the Patch fix for this issue, took about 5mins.
Don't disable it, just set a password for it.
Why?
Is this just a High Sierra problem or does it affect Sierra too?
Cheers Cougar.
molgrips - Member - Block User - Quote
Don't disable it, just set a password for it.
Why?
Moot point now there's a patch, but it's because setting a password on the root account prevents the bug occurring, disabling the account doesn't.
[img] 
[/img]