High Sierra Bug in Mac OS Admin Access

macOS High Sierra Bug Allows Full Admin Access Without Password

Fix the Major macOS High Sierra Bug That Allows Full Admin Access Without Password

There appears to be a serious bug in macOS High Sierra that lets anyone log in as the root superuser on any Mac with a blank password and no security check.

The bug, which was discovered by developer Lemi Ergin, lets anyone log into an admin account using the username “root” with no password. This works when attempting to access an administrator’s account on an unlocked Mac, and it also provides access at the login screen of a locked Mac.

To replicate, follow these steps from any kind of Mac account, admin or guest:

  1. Open System Preferences
  2. Choose Users & Groups
  3. Click the lock to make changes
  4. Type “root” in the username field
  5. Move the mouse to the Password field and click there, but leave it blank
  6. Click unlock, and it should allow you full access to add a new administrator account.

At the login screen, you can also use the root trick to gain access to a Mac after the feature has been enabled in System Preferences. At the login screen, click “Other,” and then enter “root” again with no password.

This allows for admin-level access directly from the locked login screen, with the account able to see everything on the computer.

It appears that this bug is present in the current version of macOS High Sierra, 10.13.1, and the macOS 10.13.2 beta that is in testing at the moment. It’s not clear how such a significant bug got past Apple, but it’s likely this is something that the company will immediately address.

Until the issue is fixed, you can enable a root account with a password to prevent the bug from working. We have a full how-to with a complete rundown below.

How to enable the root user on your Mac or change your root password

Mac administrators can use the root user account to perform tasks that require access to more areas of the system.

The user account named “root” is a superuser with read and write privileges to more areas of the system, including files in other macOS user accounts. The root user is disabled by default. If you can log in to your Mac with an administrator account, you can enable the root user, then log in as the root user to complete your task.

The root user account is not intended for routine use. Its privileges allow changes to files that are required by your Mac. To undo such changes, you might need to reinstall your system software. You should disable the root user after completing your task.

It’s safer to use the sudo command in Terminal instead of enabling the root user. To learn about sudo, open the Terminal app and enter man sudo.

Enable or disable the root user

  1. Choose Apple menu () > System Preferences, then click Users & Groups (or Accounts).
  2. Click lock, then enter an administrator name and password.
  3. Click Login Options.
  4. Click Join (or Edit).
  5. Click Open Directory Utility.
  6. Click lock in the Directory Utility window, then enter an administrator name and password.
  7. From the menu bar in Directory Utility:
    • Choose Edit > Enable Root User, then enter the password that you want to use for the root user.
    • Or choose Edit > Disable Root User.

Log in as the root user

When the root user is enabled, you have the privileges of the root user only while logged in as the root user.

  1. Choose Apple menu > Log Out to log out of your current user account.
  2. At the login window, log in with the user name “root” and the password you created for the root user.
    If the login window is a list of users, click Other, then log in.

Remember to disable the root user after completing your task.

Change the root password

  1. Choose Apple menu () > System Preferences, then click Users & Groups (or Accounts).
  2. Click lock, then enter an administrator name and password.
  3. Click Login Options.
  4. Click Join (or Edit).
  5. Click Open Directory Utility.
  6. Click lock in the Directory Utility window, then enter an administrator name and password.
  7. From the menu bar in Directory Utility, choose Edit > Change Root Password…
  8. Enter a root password when prompted.
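
A command-line check to go with the workaround and the Directory Utility steps above, added here as an example and not part of the original article or Apple's instructions. It assumes the `dscl` and `sw_vers` tools on the Mac and the output layout shown in the constructed sample; `is_named_version`, `classify_root` and `advice` are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not from the original article. Helper names are
# hypothetical; the dscl output layout is an assumption to verify locally.

# Versions the article names as affected. "10.13.2" covers the beta: the
# version string alone cannot tell a beta from a later release build.
is_named_version() {
    case "$1" in
        10.13.1|10.13.2) return 0 ;;
        *) return 1 ;;
    esac
}

# Read `dscl . -read /Users/root Password AuthenticationAuthority` output
# on stdin and print one of: enabled | disabled | unknown
classify_root() {
    awk '
        # Assumed marker of an enabled root: a ShadowHash authority exists.
        index($0, ";ShadowHash;") { shadow = 1 }
        # Assumed marker of a disabled root: the Password attribute is "*".
        NF == 2 && $1 == "Password:" && $2 == "*" { star = 1 }
        END {
            if (shadow)    print "enabled"
            else if (star) print "disabled"
            else           print "unknown"
        }'
}

# Map a state to the workaround described in the article.
advice() {
    case "$1" in
        disabled) echo "root is disabled: enable it with a password (Edit > Enable Root User)" ;;
        enabled)  echo "root is enabled: confirm it has a password you set (Edit > Change Root Password)" ;;
        *)        echo "root state unknown: inspect the root record manually" ;;
    esac
}

if command -v dscl >/dev/null 2>&1 && command -v sw_vers >/dev/null 2>&1; then
    ver=$(sw_vers -productVersion)
    state=$(dscl . -read /Users/root Password AuthenticationAuthority 2>&1 | classify_root)
    if is_named_version "$ver"; then echo "macOS $ver is named in the article"; fi
    advice "$state"
else
    # Constructed sample of a disabled root record, for runs off a Mac.
    advice "$(printf 'Password: *\nNo such key: AuthenticationAuthority\n' | classify_root)"
fi
```

The check only reads the root record; it cannot tell whether an enabled root account has a blank password, so an "enabled" result on a machine where nobody set a root password is the case to follow up with the Change Root Password steps.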

Thanks to Michael Bastos for the notification, as well as Mac Rumors and Apple Support.
