View Full Version : Keyboard Combination Bypasses Allows Root On Mac Os X

11-14-03, 06:31 PM
Upgrading Mac OS X to version 10.3.0 corrects a login vulnerability that can allow a user to gain root access without a password by using the right key combination--and the right keyboard.

Using a USB keyboard, a user can crash the Init script by holding down the CTRL-C key combination during the boot process. After the Init script crashes several times, the user has access to the root console without the root password. The user can then run root console scripts to have full control of the operating system. Versions 10.2.8 and prior are vulnerable; upgrading to version 10.3.0 is necessary.