If you know the password you can enter it when ‘su’ asks. This vulnerability allows all processes, even untrusted one, to gain root privileges- which is a problem if that is not what you intend.
MacOS is actually less locked down than a Linux server built by even a half competent sysadmin.
> MacOS is actually less locked down than a Linux server built by even a half competent sysadmin.
In no way is this true. Linux servers built by half-competent sysadmins don't have System Integrity Protection, read-only boot images with digital signatures, or even proper secure boot.
If you know the password you can enter it when ‘su’ asks. This vulnerability allows all processes, even untrusted one, to gain root privileges- which is a problem if that is not what you intend.
MacOS is actually less locked down than a Linux server built by even a half competent sysadmin.