[NTLUG:Discuss] Mac OS question

Steve Baker sjbaker1 at airmail.net
Tue Dec 3 14:18:05 CST 2002 

Brad Christian wrote:
> We recently got a G4 mac, but it was turned 
> on and run through setup without me. As a 
> consequence, no root password was entered! 
> (the same way you don't have to enter an 
> admin password in 2k or xp)
> 
> Now I can't su from the CLI. Do I have to 
> reinstall or is there a trick?
> 
> Any links about macs and linux would help 
> too, not much on google out there.

Well, this is a Linux group - and you might have
more luck with a BSD group.

However: The three most obvious tricks (for
a PC-based Linux box) are:

   1) Boot the machine into single-user mode.
      In that mode you are root and can change
      the password.  However, booting into single
      user mode isn't possible with all UNIX varients
      and it's possible that it won't be allowd with
      the Mac.

   2) Find someone else with a Mac.  Unplug your
      hard drive and plug it into their machine as
      the second drive. (This is easy with PC's - dunno
      how hard it is on a Mac).

      Now, you can boot that second Mac (whose root
      password you know) - and mount the second drive
      under (say) /mnt.  Now you can edit /mnt/etc/passwd
      and replace or remove the root password.  When you
      put the drive back into your own machine, all should be
      well.

   3) If you have a copy of your OS that's bootable from
      CD-ROM/DVD/Floppy then you can boot from the floppy
      (the root file system will be on that removable
      media - so you'll know the root password) - and then
      mount the hard drive and edit the password file as
      in (2) above.

      Bootable CD or even Floppy-based Linux distro's are
      easy to get hold of - but perhaps such things don't
      exist for MacOSX.

Notice that all three of the approaches above entail having
physical access to the machine, so they really aren't serious
security gaps.

Anything else is likely to entail cracking the machine using
some kind of security loophole...I have no idea what exploitable
loopholes MacOS might have.  There are password guessing
programs out there that have reasonable success rates at guessing
poorly-chosen passwords.

---------------------------- Steve Baker -------------------------
HomeEmail: <sjbaker1 at airmail.net>    WorkEmail: <sjbaker at link.com>
HomePage : http://web2.airmail.net/sjbaker1
Projects : http://plib.sf.net    http://tuxaqfh.sf.net
            http://tuxkart.sf.net http://prettypoly.sf.net

More information about the Discuss mailing list