Apple explains how to fix macOS High Sierra file sharing after security update breaks feat...
Though today's macOS High Sierra security update patched a critical root user bug, it introduced a problem that prevents Mac users from authenticating or connecting to file shares on their Mac.
Briefly outlined in a document posted to Apple's Support pages, the issue appears to impact only a portion of macOS High Sierra users who downloaded and installed today's security update.
The number of people affected by the file sharing bug is unknown, but it seems a system library error is to blame for failed authentications. Impacted users took to social media to report the problem, which is quickly solved with a minor Terminal procedure.
As noted by Apple in its Support Document, users experiencing file sharing issues need to do the following:
1. Open the Terminal app, which is in the Utilities folder of your Applications folder.
2. Type
3. Enter your administrator password and press Return.
4. Quit the Terminal app.
That Apple introduced a second issue with its fix for the recently discovered root access bug is unfortunate, but the remedy is a small price to pay to ensure that your Mac is secure.
On Tuesday, researchers went public with a macOS High Sierra flaw that allows anyone to log in as a Mac's "root" System Administrator without requiring a password. Using the same method, nefarious users can also bypass the macOS lock screen and, in some cases, gain root access to a Mac remotely if certain screen sharing, remote access or VNC sessions are enabled.
Apple promised a fix just hours after the security hole hit media outlets. The company delivered the patch early today as Security Update 2017-001, which was made available through the Mac App Store.
Briefly outlined in a document posted to Apple's Support pages, the issue appears to impact only a portion of macOS High Sierra users who downloaded and installed today's security update.
The number of people affected by the file sharing bug is unknown, but it seems a system library error is to blame for failed authentications. Impacted users took to social media to report the problem, which is quickly solved with a minor Terminal procedure.
As noted by Apple in its Support Document, users experiencing file sharing issues need to do the following:
1. Open the Terminal app, which is in the Utilities folder of your Applications folder.
2. Type
sudo /usr/libexec/configureLocalKDC and press Return. 3. Enter your administrator password and press Return.
4. Quit the Terminal app.
That Apple introduced a second issue with its fix for the recently discovered root access bug is unfortunate, but the remedy is a small price to pay to ensure that your Mac is secure.
On Tuesday, researchers went public with a macOS High Sierra flaw that allows anyone to log in as a Mac's "root" System Administrator without requiring a password. Using the same method, nefarious users can also bypass the macOS lock screen and, in some cases, gain root access to a Mac remotely if certain screen sharing, remote access or VNC sessions are enabled.
Apple promised a fix just hours after the security hole hit media outlets. The company delivered the patch early today as Security Update 2017-001, which was made available through the Mac App Store.
Comments
We all joke, but just go to MacRumors and you'll read these same things. Its almost comical!
And here we are.
Even with the sudo command (as admin) there are operations you cannot do, which root does allow. Not only macOS uses this principle, some other Unix and Linux distros do the same.
Basically you can compare the ‘root’ user with a tree root; root has full control, all other user types are layered on top, including ‘admin’ and ‘guest’ users.
Gaining root rights in macOS by entering an empty password is therefore an incredibly stupid oversight.
http://www.bbc.co.uk/news/technology-42174168
Apple’s apology for the original snafu.
Maybe a "better version" of the same patch?
The Root user can shoot herself in the head.
Any questions?
The whole disclosure thing, however, still leaves me feeling cold about current manifestations of human nature and the depths to which they have sunk in terms of respect, consideration, and empathy.
Imagine for a moment that you innocently stumbled upon the fact that the back door of a retail store, say an audio-video store selling big screen TVs, had a broken lock on the back door that the owner didn't know about. Upon closer examination you found that the broken lock would allow you to enter into the storage area of the store and make off with anything in the store's inventory while being completely undetected. Would you:
a. Help yourself to whatever you want in the store's storage area.
b. Call all of your friends and tell them know about the broken door lock and potential availability of free stuff for easy pickings.
c. Talk to the store owner and let him or her know what you've stumbled upon.
The person who discovered the root flaw decided answer "b" was the right one in this case. I'm sorry, but this doesn't sit well with me. Maybe our current culture has devolved into one where screwing everyone who's not YOU is standard operating procedure, but it still isn't right. Whether it's some small time business owner just trying to get by or a multinational company supporting millions of jobs, families, and shareholders, practicing a tiny bit of consideration for once wouldn't kill the guy. Sure, his good deed would go unnoticed compared to the notoriety he's getting now, but so what.