Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Being root without enabling root' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Being root without enabling root
Authored by: stetner on Dec 01, '03 07:13:20PM

You should view any admin user as a root user. In the current security model an admin user can become root without sudo.



[ Reply to This | # ]
Being root without enabling root
Authored by: cilly on Dec 02, '03 11:30:32AM

What? Become root without sudo?

Explain!

---
cilly @ http://www.cilly.dyndns.org/

[ Reply to This | # ]

Being root without enabling root
Authored by: stetner on Dec 03, '03 07:02:54AM
The finder allows any admin user to authenticate to replace root owned files and change ownership etc. Therefore it is a simple exercise to put a hook in to, say the boot rc file, to create a file that will give the admin person the ability to become root. It is NOT a security flaw, but a design decision. As I said, an admin users is the equivalent of root. There is a discussion of it here
http://forums.macosxhints.com/showthread.php?s=&threadid=17727&perpage=20&highlight=root&pagenumber=1


[ Reply to This | # ]
Also...
Authored by: discordantus on Dec 12, '03 04:25:47AM

Additionally, any admin user can enable the root user and supply a root password...

er, don't let anyone you don't trust be an admin user!



[ Reply to This | # ]