Am 29. November 2017 08:36:27 MEZ schrieb Ilya Abimael <ilyaabimae...@mail.com>: >Hello, > >https://news.ycombinator.com/item?id=15800676 > >The mentioned news is _NOT_ OpenBSD related. It just got something in >my mind to ask:
You forgot a important detail. The root user is there in all Mac OS X, OS X and macOS versions. It is disabled by default and, it has no password by default. You set the root password if you activate the root account the first time. Which brings the next problem. The first by default created user on a Mac OS X (see above) machine is a administrator. Any administrator could activate the root account and, the most normal users did not create a user for daily jobs. The idea of Apple is, buy it, switch it on and use it. > > >The question: Would it be a good thing to MANDATORY disable any >passwordless login? IMHO a useless question in theese days. In Mac OS X (as you refer to it) you can use the profile manager or parential control to limit things if you really need passwordless accounts like a public kiosk system or for people with disabilities - but there you also have assistive technologies like VoiceOver and Braile support. > >OpenBSD would probably never have similar issue, but maybe it would be >a good mitigation? Search for the discussion about SSH login passwords / keys. > > >Thanks.
