2 root passwords? yikes!


Howdy ya'll,
first let me say what a pleasure it has been to completely geek-out at this site. (Formerly, I considered myself well-rounded....)

I don't know if you remember the days before Tiger, in which, Apple was not keen on allowing John Q Public the opportunity to gain Root access, but suffice it to say, I was reasonably surprised to find, in Tiger's Netinfo Manager, the newly added option to "enable root user". WOW!!! (now i begin to wonder if, previously, to gain root access, hacking through Netinfo manager by erasing the root passwd, leaving it blank and resetting it in a shell was a good idea!) Nevermind, I say, onward and upward.

so I'm installing some random stuff the other day, and 'su' from the command line (accidentally hitting enter at the passwd promt). Much to my shagrin, POW!... root. (Oh $&^%!!!)

I had previously changed my root passwd in the shell... so i check. Indeed, the new passwd (shell-style) is functioning, but also simply hitting 'return' does the same thing. wow....

after some experimenting, it becomes clear that there is a minor discrepancy between the root passwd enabled through the Netinfo Manager, and the passwd enabled (by you or I) on the command line. so, I disable the root user in Netinfo and no longer can someone simply press 'return' at the command line. However, I still have root access through 'su', from the shell using my 'su' or 'root' passwd.

i'm not sure, but have also been experiencing something funky with the log in screen. occationally, after putting the machine to sleep at the log in screen, my lovely fiancee will wake up and log in... after which i do the same, seeing, however a mysterious "system administrator" logged in as well (the picture with all the lightning, etc..) so, i log in to that account, using the root passwd, but it just gets stuck.... no desktop, no nothing.... time to "hard reset". Maybe because root isn't enabled through Netinfo?...

some scary stuff... respond. (in fear, if you must) : o

The 'enable root user' was in Netinfo Manager under Panther as well and if memory serves correcly in Jaguar. I am a little confused in that as far as I am aware there can only be one 'root' account with that name.

It is possible to assign root priveliges to a user account, but it is indeed worrying for a root account to appear with no password, by default there isn't one when you enable it under Netinfo Manager, but it propmts you to set one.

If you discover the cause please post it back here as I keep my macs pretty well locked down and don't want anything that may be able to be exploited.