Home Music Articles Forums Blog Chat More...      

add to bookmarks
Prev Topic | Next Topic

Author
Posts
(Read 405 times)
particledots
Forum Full Member


Registered: 05/25/09
Posts: 1576
Location: , United States
 
'really bad' - be careful mac users
Wednesday, November 29 2017 @ 06:10 AM CST

magnatone
Forum Full Member


Registered: 02/08/08
Posts: 4401
Location: N/A
 
Re:'really bad' - be careful mac users
Wednesday, November 29 2017 @ 11:22 AM CST

apple just pushed the fix update this morning

my most recent song: "First Light (solo piano)"
MikeRobinson
Forum Full Member


Registered: 08/29/11
Posts: 754
Location: Chattanooga, TN United States
 
Re:'really bad' - be careful mac users
Wednesday, November 29 2017 @ 12:22 PM CST

You should know, however, that so-called “root access” has always been very easy to come by, on both OS/X and Linux, if you are a so-called “administrator.”   (Linux:   “a member of the wheel group,” which is often a default.)

If this is the case, you merely need to open the Terminal utility and enter:   sudo su.

Enter your own(!) password, and watch the Shell-prompt turn from > to #.

And this is precisely why my “usual” OS/X login is not an Administrator.   In fact, of the many purpose-specific logins that I have on my machine, only one has that power.

It is called the “Principle of Least Privilege”, and I strongly advise all of you to do the same.   If your usual login account is an Administrator, simply create a new account that is also an Administrator.   Then, log-in as that user and remove your super-powers from yourself.

- - -

Obviously, this was an inexcusable yet all-too-human mistake:   the root user should be disabled by default, and it always has been until now.   “Somebody screwed up, yes, but it could have ... ‘D’oh!!™’ ... been anybody.”  
SmokeyVW
Forum Full Member


Registered: 06/13/06
Posts: 7070
Location: N/A
 
Re:'really bad' - be careful mac users
Wednesday, November 29 2017 @ 06:08 PM CST

this is just "Fear Mongering™" (by, i wonder who?)

read up on it. simple shit people ought to know:

don't let people use your machine while you're logged in and you walk away. or leave the house. or go on vacation. or die, fer crissakes

simple shit™ like that.

don't let the "Fear Mongerers" get yer goat.
MikeRobinson
Forum Full Member


Registered: 08/29/11
Posts: 754
Location: Chattanooga, TN United States
 
Re:'really bad' - be careful mac users
Monday, December 04 2017 @ 12:20 PM CST

Hope you weren't talking about me, Smokey ... take for granted that you’re not.

This is actually a very simple technical mistake, easily overlooked in the flurry of pre-launch preparations for a new OS release. Obviously, someone screwed-up ... and yet, this is certainly an “edge case” which very-certainly could have been missed.

The actual root account is supposed to be completely disabled for login: access, unless you dive through several meant-to-be very-obscure hoops, and then reboot your computer.   And then, you must find your way past the list of pretty-pictures in order to reach a (well-hidden) “Unix-style” login dialog, which allows you to enter both a user-name and password but without offering you any sort of clues as to what a “correct response” would be.

The majority of my previous comment was really to emphasize why you should set up a new account for your everyday use which is not allowed to “manage this computer.”   Anyone who does have this privilege can simply open the Terminal utility, type the magic words sudo su, enter their own password, and become root.

(Although, in all recent incarnations of OS/X nee “MacOS, the Sequel,” the powers of root are no longer “unlimited.”)

Do This™:   Let there be one, and only(!) one, account, on your entire machine, which is privileged to “administer™” the machine.   (Never log-on to this account, unless there is a damned good reason!)   Then, create one-or-more non-Administrator accounts for all everyday purposes.

(Do exactly the same thing, for exactly the same very-good reasons, on any and every Microsoft Windows machines that you may be so-unfortunate as to own ... as well as Linux.)

There is absolutely no good reason to be “routinely” using a user-id that is capable of walking into a nearby phone-booth, merely saying “SHAZAM!,” and emerging in tights!

If you simply remove this prerogative from yourself, then you also remove it from any nasty rogue software that might find itself executing in your name, having somehow lured you into providing it with your password.   The rogue will find itself stuck in that phone-booth, minus the 25¢ that is required to do the only thing that it can manage to do in there.
SmokeyVW
Forum Full Member


Registered: 06/13/06
Posts: 7070
Location: N/A
 
Re:'really bad' - be careful mac users
Wednesday, December 06 2017 @ 05:18 PM CST

Quote by: MikeRobinson
Hope you weren't talking about me, Smokey ... take for granted that you’re not.

no, no... just saying that basic computer hygiene will keep apple users safe
 
MikeRobinson
Forum Full Member


Registered: 08/29/11
Posts: 754
Location: Chattanooga, TN United States
 
Re:'really bad' - be careful mac users
Wednesday, December 06 2017 @ 08:30 PM CST

Quote by: SmokeyVW
Quote by: MikeRobinson
Hope you weren't talking about me, Smokey ... take for granted that you’re not.

no, no... just saying that basic computer hygiene will keep apple users safe


Of course.