Passwords, as weak as they may be, are the common man’s only real protection when talking about access to our protected files. A new Lion security slip-up pretty much makes having a password pointless in multi-user environments.
It has been revealed that any user on a Lion system can simply issue a command to change the password of any other user on that system. Admin access isn’t even required to do so.
The command is pasted below:
dscl localhost -passwd /Search/Users/USERNAME
When you run the above command via terminal, it may appear that an error has occurred, when in actuality, you are now able to enter a new password for the username you specified in the command line.
There are a few catches to this flaw, but a lot of systems will find that they are vulnerable. You must have physical access to the machine, as the command will not work via SSH access and you must also, as the user, have access to the machine’s Directory Service.
CNET has offered up a few ways you can help safeguard against this exploit until a proper fix is released from Apple.