[OreoCookie]

I have activated the root account using NetInfo and set a password different from the usual admin password.
Typing 'sudo su' I gain root access without asking for the root password!
Is that correct? Otherwise, a separate root password wouldn't make sense.
The user on my system here needs admin abilities, otherwise it does not work.

[Ghoser777]

That's really weird... I get prompted for a password. Are you sure you're not already logged in as root (if you really know what you are doing, excuse my insult).

F-bacher

[Jadey]

I know this doesn't present a solution, but the command you're typing "sudo su" isn't really a proper command. You should use either one or the other. sudo allows you to run a single command as superuser. su will switch you to superuser (in the terminal) for every command until you type "exit" at which point you're returned to your regular user.

[OreoCookie]

I am logged in as an admin user.
After deleting the group 'wheel', it did not ask for a password at all. I restored the old settings and now it asks for a password.
But it accepts the admin password, not the root password.
At my university, there is a MacLab that uses OS X only. Imagine if every admin user would gain root priveliges ...
Of course it is not something, one usually types in, but it works?!

[Mactoid]

Originally posted by OreoCookie:
<STRONG>
At my university, there is a MacLab that uses OS X only. Imagine if every admin user would gain root priveliges ...
Of course it is not something, one usually types in, but it works?!</STRONG>

True true, that would be bad indeed. Fortunately however sudo is actually very configureable. See /etc/sudoers and man sudoers for details. The default sudoers file that comes with OS X is very lenient, but you can specify exactly which programs individual users are allowed to execute. So if you had an admin who did networks stuff, you can allow him to use sudo to run tcpdump, but nothing else.

The lesson is, be very careful before you give someone an admin account on your machine.

[Ghoser777]

Originally posted by OreoCookie:
<STRONG>I am logged in as an admin user.
After deleting the group 'wheel', it did not ask for a password at all.</STRONG>

Uhmmm... why did you do that? I bet you a billion dollars that deleting wheel is a bad idea. Any person in a lab setting can take over the machine pretty easily.. that is, if they know what they are doing. They could always boot from an OS 9 CD (giving them what amounts to root access) or there's even a way to boot into single-user mode and change the root password there. There is always NetBoot, which would address both of these problems.

F-bacher

[OreoCookie]

I did it on my iBook 'just for fun', fortunately not in the lab.
They do not use NetBoot anymore, because of performance issues (about 30-40 Macs).
Of course they could boot from OS 9, etc, but it still is dangerous. I'll ask a friend of mine who works in the lab, to verify this. Maybe I just screwed up the installation.
I'll try to reinstall everything from scratch.

[Scrod]

This is perfectly normal. There are a few things that you need to understand about sudo:

sudo is a command used to allow people on a list (sudoers) to execute a command as root.

you authenticate yourself to sudo by typing your own password. (since you are already in the sudoers file, and only root has access to that, it's assumed that what you're doing is okay with root.)

when you authenticate yourself to sudo, you are given a 5 minute window in which you can use the sudo command again without having to enter your password.

the admin group is in the sudoers file by default. therefore, any admin can execute commands as root by typing their admin password.


Now let me explain to you what you did:

I have activated the root account using NetInfo and set a password different from the usual admin password.

Yep. And do you remember HOW you activated your root account in NetInfo? That's right. NetInfo used the sudo command. It asked you for your admin password first, and then used sudo to set a password for the root account.

You were able to use sudo afterward because it was probably done within 5 minutes of activiting your root account. Oh, and by the way, you DO NOT NEED TO ACTIVATE YOUR ROOT ACCOUNT. THIS IS WHAT SUDO IS FOR. The root account does NOT need to be active if you want to "sudo su -". ONLY if you want to do a plain old switch user "su" command. But there is NO need for this since you have sudo, and it's FAR more secure.

[OreoCookie]

Thanks for the explanation.
Now I understand what was going on - I wasn't quite sure whether or not this was a flaw or not.

[theolein]

The only way to completely disable booting from a CD or resetting your password is by enable the open firmware password, which effectively locks your machine.