Apple posts workaround for ‘root’ security flaw

November 29, 2017

Apple has confirmed a serious security flaw in the latest version (called High Sierra) of its Mac operating system. While Apple works to fix the problem, they have published a workaround which, frankly, is a bit complicated to implement. Basically it involves creating a new user, called root, and assigning that user a password. That way, if someone does try to log-in as “root,” they will be required to use that password you just assigned.Apple’s warns users that “The root user account is not intended for routine use. Its privileges allow changes to files that are required by your Mac. To undo such changes, you might need to reinstall your system software. You should disable the root user after completing your task.Here is what Apple recommends (from this Apple page)

Enable or disable the root use

Choose Apple menu () > System Preferences, then click Users & Groups (or Accounts).

Click lock icon, then enter an administrator name and password.

Click Login Options.

Click Join (or Edit).

Click Open Directory Utility.

Click lock icon in the Directory Utility window, then enter an administrator name and password

From the menu bar in Directory Utility

Choose Edit > Enable Root User, then enter the password that you want to use for the root user.

Or choose Edit > Disable Root User.

 Log in as the root user

When the root user is enabled, you have the privileges of the root user only while logged in as the root user.

Remember to disable the root user after completing your task.

Change the root password

  1. Choose Apple menu () > System Preferences, then click Users & Groups (or Accounts).
  2. Click lock icon, then enter an administrator name and password.
  3. Click Login Options.
  4. Click Join (or Edit).
  5. Click Open Directory Utility.
  6. Click lock icon in the Directory Utility window, then enter an administrator name and password.
  7. From the menu bar in Directory Utility, choose Edit > Change Root Password…
  8. Enter a root password when prompted.

Choose Apple menu > Log Out to log out of your current user account.At the login window, log in with the user name ”root” and the password you created for the root user.
If the login window is a list of users, click Other, then log in.