Apple: Finding the Root of the Problem

By | March 10, 2006

The second potentially major Mac security incident in as many weeks has thankfully been debunked. Earlier this week I wrote a blog entry about a Mac Mini owner in Sweden who configured his machine as a server and challenged hackers to gain access to it.

The Mini was — as hackers like to say — owned only 30 minutes after the challenge started. By owned, I mean rooted. An outside attacker, through a remote Internet connection, was able to get “root” access — the highest and most powerful level of administrative access on a Unix-based computer (which Macs running OS X happen to be).

Root access gives the bearer free reign on a machine, no questions asked. Files can be altered or deleted. Accounts assigned to other users can be changed or deleted altogether. The potential for misuse of the privilege has caused Apple to ship its machines with root access disabled by default. Root can be re-enabled only through a series of technical contortions understood by advanced users.

Leave a Reply