[proxy_user]

I haven’t kept track. Has Apple abolished root and required all users with root privileges to sudo? That’s what they did in Ubuntu, although by sudo’ing to the shell executable you could still get a rootshell.

[IndispensableDestiny]

Has Apple abolished root and required all users with root privileges to sudo? The root account exists (it has to as uid 0, if not explicitly) but is disabled except through sudo.

I tried out this vulnerability on my iMac. Did not exist here. The root account was disabled, as it should be.

[Swordmaker]

I haven’t kept track. Has Apple abolished root and required all users with root privileges to sudo? That’s what they did in Ubuntu, although by sudo’ing to the shell executable you could still get a rootshell.

No, but Apple requires the creation of a ROOT level above Admin. . . which is what this is about. Normally it requires that the Admin user creates a ROOT password with the activation of the ROOT ability. Someone forgot to turn that requirement back on.

In addition, there is now a new level ABOVE ROOT in Apple Macs that requires an additional factory set password to make specific system changes that even ROOT USERS cannot alter without invoking that special password. This is to prevent even a ROOT user from doing system damage or an outsider using a ROOT access from hiding a ROOT KIT.