updated 04:30 pm EDT, Mon September 19, 2011
Works without root access
OS X Lion has a serious security vulnerability that allows an attacker to alter the password of any user account, writes security blog Defence in Depth. The OS reportedly lets non-root users read the password hash data of other accounts through Directory Services. As a consequence, an attacker can use a basic Python script to pull out a hash and then attempt to crack it offline to recover the person's password.
Aggravating the situation is that Lion doesn't ask for the current password before changing the logged-in user's password. Entering the command "dscl localhost -passwd /Search/Users/______", with the blank replaced by that user's account name, simply prompts for a new password. What keeps the threat under control for now is that an attacker needs local access to the Mac, that is, a logged-in session from which dscl can query Directory Services, rather than a remote foothold.
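As an added example (not from the article or from Defence in Depth), the following shell audit script lets a Mac owner check whether an ordinary user session can read the hash attribute via dscl and whether the mitigations the article goes on to recommend are in place. It assumes that `dscl localhost -read /Search/Users/<user> dsAttrTypeNative:ShadowHashData` prints the attribute name followed by hex data when the caller is allowed to read it, and that the preference keys `autoLoginUser`, `askForPassword` and `GuestEnabled` hold the settings named; the sample dscl output in the comments is constructed.

```sh
#!/bin/sh
# Audit helper for the Lion password-hash exposure (added example, not the
# original blog's code). Assumed dscl output when the hash is readable:
#   dsAttrTypeNative:ShadowHashData:
#    62706c69 73743030 ...          (constructed sample, hex continues)
# When the read is refused, dscl prints an error line instead.

# Classify captured dscl output: "exposed" if the hash attribute came back,
# "hidden" if it did not (or dscl reported an error).
classify_dscl_output() {
    if printf '%s\n' "$1" | grep -q '^dsAttrTypeNative:ShadowHashData:'; then
        echo exposed
    else
        echo hidden
    fi
}

# Live check for one account; run as an ordinary (non-root) user on the Mac.
check_user_hash_readable() {
    out=$(dscl localhost -read "/Search/Users/$1" dsAttrTypeNative:ShadowHashData 2>&1)
    classify_dscl_output "$out"
}

# Pure decision helpers, so the policy logic can be exercised anywhere.
# autoLoginUser: any non-empty account name means automatic login is on.
judge_autologin() { [ -z "$1" ] && echo ok || echo WEAK; }
# askForPassword: 1 means waking from sleep/screen saver demands the password.
judge_screensaver() { [ "$1" = 1 ] && echo ok || echo WEAK; }
# GuestEnabled: 1 means the guest account is switched on.
judge_guest() { [ "$1" = 1 ] && echo WEAK || echo ok; }

# defaults(1) exits non-zero when a key is absent; treat that as "unset".
read_default() { defaults read "$1" "$2" 2>/dev/null || true; }

# Only run the live checks where dscl exists (i.e. on a Mac).
if command -v dscl >/dev/null 2>&1; then
    u=${1:-$(id -un)}
    echo "ShadowHashData readable for $u: $(check_user_hash_readable "$u")"
    echo "automatic login:      $(judge_autologin "$(read_default /Library/Preferences/com.apple.loginwindow autoLoginUser)")"
    echo "screen saver password: $(judge_screensaver "$(read_default com.apple.screensaver askForPassword)")"
    echo "guest account:        $(judge_guest "$(read_default /Library/Preferences/com.apple.loginwindow GuestEnabled)")"
fi
```

Run it from a normal, non-administrator login; a result of "exposed" for an account other than your own confirms the hash leak on that machine, and any "WEAK" line points at a setting the article's mitigations would change.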
Several extra safeguards are suggested: disable automatic login, require a password when waking from sleep or the screen saver, and turn off the guest account. All three aim at denying an attacker the unattended, logged-in session the attack depends on. Except for disabling the guest account, the tips are common Mac security measures anyway.