ROOT User Exposed

sagegreenimac

Registered
All right guys, this might be old news to some but has been a personal fight for me having no experience in Linux or Unix. I have just figured out how to access the ROOT account in OS X PB. Alright here it goes. Go into NetInfo to the Users subdirectory. Click the user "Root". Copy in some way the settings of the user and then delete the user "root". Yes I said delete him. Close the NetInfo window and watch the fun start. When you try to access the menu it tells you that the computer "/" has no root user changes cannot be made. Quit NetInfo using Cmd-Q. Now go into "Multiple Users" in the utils folder and make a new user..."Root". Make the Real name System and the short "root" makes sure to make it an admin. Close Multiple users and go back into NetInfo Manager. You will notice right away that the error is gone but the process isn't done yet. Now copy all the settings except for password settings back over to make sure that the system still functions properly. You know have unrestricted access of your computer and can reek havoc from anywhere. Advantages that I love I can log in with telnet and using the SU command become the root and do whatever I want from anywhere. Be careful to not mess anything up.
 
Maybe I'm missing something, but how is this any different from the way OSX works normally? You can already telnet in and su to root (though I wouldn't recommend telnet -- more on this below) as it is.. Why delete the root user (most Unices won't let you delete UID 0, anyway)?

Warning to newbie *nix users -- doing things as root without a full knowledge of what you're doing is a nearly surefire way to whack your box beyond recognition.

Anyway, telnetting into a box and su'ing root opens you to any cracker who might be sniffing packets between you and your host, as telnet is a clear-text protocol. Here's a tip: use ssh instead. That's why it's included in OSX and why telnet is turned off by default. ssh uses strong two-way encryption between hosts, and is vastly superior to telnet for administration tasks because of this.
 
that method of have root privalages on your account is pretty damn stupid (no offecne). The reson there is only one 'root' user and no one else can be given (or should be given) those privalages is that you can easyly f*ck up your computer. You might as well log on as root ever time. Besides, all you are doing is making it so that loggin on your user name loggs you on to root (because uid 0 = you are 'root' the actual name has no meaning). In other words, DONT DO IT!
Oh yah, the part where u delete root and make it again is quite pointless becuse you are just leaving root the way it was before you deleted it.
 
I have a much easier solution. If you want to log in as root, why don't you just log in as "root"? Why all the copying and deleting of information in Netinfo? When I log in as "root," I can delete the entire filesystem if I want to. Is that enough access for you?

I did make one interesting discovery the other day, though. If you "lock" a file or folder, using the "Inspector" [cmnd-I] even root can't delete it. I can see this coming in handy, perhaps. Even if someone gains root access to your machine, they can't delete a file unless they unlock it first.
 
You can\'t delete the user root without root privilages.


Duh.

That being said I wish NetInfo had read privilages.
 
Back
Top