macOS Users & External Accounts
Last updated
Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Daemon: User reserved for system daemons. The default daemon account names usually start with a "_":
Guest: Account for guests with very strict permissions
Nobody: Processes are executed with this user when minimal permissions are required
Root
Standard User: The most basic of users. This user needs permissions granted from an admin user when attempting to install software or perform other advanced tasks. They are not able to do it on their own.
Admin User: A user who operates most of the time as a standard user but is also allowed to perform root actions such as install software and other administrative tasks. All users belonging to the admin group are given access to root via the sudoers file.
Root: Root is a user allowed to perform almost any action (there are limitations imposed by protections like System Integrity Protection).
For example root won't be able to place a file inside /System
MacOS also support to login via external identity providers such as FaceBook, Google... The main daemon performing this job is accountsd
(/System/Library/Frameworks/Accounts.framework//Versions/A/Support/accountsd
) and it's possible to find plugins used for external authentication inside the folder /System/Library/Accounts/Authentication/
.
Moreover, accountsd
gets the list of account types from /Library/Preferences/SystemConfiguration/com.apple.accounts.exists.plist
.
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)