Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

On most systems, root without password isn't available remotely. Is this not true on OSX?


Apparently, High Sierra has a 'feature' that updates hashes to a new format on login, and consequently publishes a hash where there was none before. Which pretty much disables the 'no hash, no login' policies. Ooops. Donno if that's unique to the GUI, or if a simple 'sudo su -' would also trigger, as I don't own a mac.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: