Hacker News new | past | comments | ask | show | jobs | submit login

That last sentence [0] suggests that the patch will disable every single activated root account.

[0]

> If you require the root user account on your Mac, you will need to re-enable the root user and change the root user's password after this update.




Which could lock some users out permanently if the root user was the only user they knew the password to.


It's impossible to have full-disk encryption with that config, right? (i.e., does FileVault work for the root user?)

If you can get in from an install CD, you can reset passwords as needed.

If I were writing this patch, I'd probably check to see if the root user's password was indeed blank, but given that use of the root account only is extremely unsupported I cannot get too upset about Apple breaking that use case as long as you can get back in.


The issue wasn’t actually specific to a blank password. You could try to log in as root using any password, and as long as root had never had a password set, it would fail but set root’s password to whatever you entered.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: