22
junon
15d

Apple released an update for MacOS that allowed you to type "root" as the username and "" as the password, hit the Authenticate button twice (the first time erroring out) and then have complete root permissions to the system.

They fixed it pretty much immediately, but then a later patch regressed it again.

Comments
  • 4
    "Hey, you get what you pay for! Wait..."
  • 0
    Wait, they regressed again? LMAO
  • 1
    @endor Yeah, IIRC just a few days or maybe a week or so later. Then they had to re-patch it.
  • 0
    That is exactly what specs are for. 🤦🏻‍♀️
  • 1
    "Imagine having unit tests for bug regression in security critical systems."
    - this post bought to you by the MacOS Kernel Gang
  • 3
    I never understood how something like that could ever happen. There is no legitimate reason to handle root logins differently.
    So why do they have special code branches triggered for root before she even has been authenticated?
    Do they check against an additional hash for a master password wich they had to add because of a national security letter?
    And if so: Why only for root? Why not just check that hash for all user names?

    Seriously not getting how you could end up with different pre-authentication code for root vs. non-root...
Add Comment