Dear @AppleSupport, we noticed a *HUGE* security issue in macOS High Sierra. Anyone can log in as "root" with an empty password after clicking on the login button several times. Are you aware of it @Apple?
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017
You can access it via System Preferences>Users & Groups>Click the lock to make changes. Then use "root" with no password. And try it several times. The result is unbelievable! pic.twitter.com/m11qrEvECs
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017
To neuter this, I'd suggest:
sudo dscl . -passwd /Users/root $(uuidgen)
This will set root's password to a random string. Setting shell to /usr/bin/false does not block prefpane unlock. https://t.co/LJ8z1qgNSa
— Per Olofsson (@MagerValp) November 28, 2017
Reminder: if you need a complex password (say to set as a root password) you can use the Password Assistant via Sys Prefs -> Users & Groups -> Change Password… click key icon. Copy password, cancel password change. pic.twitter.com/PtXsM9d3W8
— Pepijn Bruienne 🌲🧀💴 (@bruienne) November 28, 2017
PSA: Have macOS High Sierra? Anyone can access your machine as root with no password – video demo below.
This is an OS default, so unless you set the password explicitly for root, you are vulnerable.
Fix this by setting a password for the root user!
Credit to @lemiorhan. pic.twitter.com/fGdA0bvNn2
— Den (@DennisCode) November 28, 2017
It looks like what's happening is that when you do this you're creating a root user with no password. Anyone who's tested this out should go disable the root user again in the Directory Utility ASAP.
— Amy Hailes (@a_hailes) November 28, 2017
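Added example, not part of any of the tweets above: a shell check for whether the root account is currently enabled, which is the state the last tweet says to undo after testing. It assumes that a disabled root account has no AuthenticationAuthority attribute in the local directory, so `dscl` answers "No such key"; the function names and sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Audit whether the macOS root account is enabled.
# Assumption: a disabled root account has no AuthenticationAuthority
# attribute, so dscl prints "No such key: AuthenticationAuthority".

# classify_root_auth TEXT -> prints "disabled", "enabled" or "unknown"
# TEXT is the output of:
#   dscl . -read /Users/root AuthenticationAuthority 2>&1
classify_root_auth() {
    case "$1" in
        *"No such key: AuthenticationAuthority"*) echo disabled ;;
        *"AuthenticationAuthority:"*)             echo enabled ;;
        *)                                        echo unknown ;;
    esac
}

# audit_root: query the local directory node and report the state.
# Returns 0 only when root is disabled, 1 otherwise, 2 if dscl is missing.
audit_root() {
    if ! command -v dscl >/dev/null 2>&1; then
        echo "dscl not found (not a macOS host?)" >&2
        return 2
    fi
    out=$(dscl . -read /Users/root AuthenticationAuthority 2>&1)
    state=$(classify_root_auth "$out")
    echo "root account: $state"
    [ "$state" = disabled ]
}

# Constructed sample outputs (not captured from a real machine).
SAMPLE_DISABLED='No such key: AuthenticationAuthority'
SAMPLE_ENABLED='AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>'

# Run the live check only when asked, so sourcing this file is side-effect free.
if [ "${1:-}" = "--run" ]; then
    audit_root
fi
```

An "enabled" result on a machine where nobody deliberately turned root on is the case the thread describes; the remedies are the ones given in the tweets (set a root password, or disable the root user in Directory Utility).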