• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: FW: What goes where?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: What goes where?

  • Subject: Re: FW: What goes where?
  • From: Dave Schroeder <email@hidden>
  • Date: Sat, 01 Mar 2003 19:20:38 -0600
[3]  All unixes are different, and MacOS X is more so.  Apple has
     made some changes that just seem arbitrary (what's the point
     of not having a "root" account?),

Ehh? Mac OS X has a root account; it is just disabled[1]. It can be enabled any number of ways, most simply by setting a password for it from any admin account:

sudo passwd root

But, why would you want or need this on the vast majority of Mac OS X workstations? It's totally unnecessary.

You can do anything you would want or need to do, up to and including giving yourself a full root shell, with 'sudo'.

The decision to ship with the root account disabled is not at all arbitrary; it's in fact welcomed that Mac OS X does not need to have the root account enabled. Having root disabled by default - and keeping it disabled - is just one more "best practice" in Mac OS X administration; one less privileged account's password that might be exploited. Additionally, even on commercial and other UNIX systems, it's much more desirable to use 'sudo' obtain privileged access to commands, or for other tasks. Here, on the several hundred Solaris, AIX, Linux, and other systems we manage, using root for anything after the machine is set up is frowned upon; the root password is set to an arbitrary string, sealed in an envelope, and locked away in case of an emergency. Mac OS X, meanwhile, does not even need the root password to be set at all for any administration tasks (with *extremely* rare exceptions).

[1] Early in the days of Rhapsody and Mac OS X Server 1.x, the root account password was set to the same as the original administrator account's password. Today, the only machines that ship with root enabled are the Xserve, where it is set to the first 8 characters of the machine serial number. Having some fully privileged account is necessary for full headless setup.

Regards,

Dave Schroeder
University of Wisconsin - Madison
_______________________________________________
x11-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/x11-users
X11 for Mac OS X FAQ: http://developer.apple.com/qa/qa2001/qa1232.html
Report issues, request features, feedback: http://developer.apple.com/bugreporter
Do not post admin requests to the list. They will be ignored.
  • Follow-Ups:
    • Re: FW: What goes where?
      • From: Jacques <email@hidden>
References: 
 >Re: FW: What goes where? (From: Alex <email@hidden>)

  • Prev by Date: Re: FW: What goes where?
  • Next by Date: Fink install of gimp fails
  • Previous by thread: Re: FW: What goes where?
  • Next by thread: Re: FW: What goes where?
  • Index(es):
    • Date
    • Thread