Mac OS X Lion makes it unnecessarily easy for password crackers

Mac OS X Lion makes it unnecessarily easy for password crackers
Mac OS X Lion allows ordinary users to access the password hashes of other users, as security expert Patrick Dunstan reported. On Mac OS users, password hashes in shadow files are stored, usually only allowed to access the root user. Lion with Apple changed the authentication process and have made a mistake, according to Dunstan, which can now also non-root users via a detour through the Directory Services read out the password hashes from the shadow files.
Based on the hashes, you can find the original password by automated full search (brute force). Depending on the complexity of the password but this may take some time. Because the passwords are hashed with Salts, with rainbow tables attacks are very costly. For more information about password storage, see the article on heise Security Cracker brake.
Dunstan has released a Python script that performs a dictionary attack on the Lion's password. Apple has previously announced a patch. For home users, this vulnerability of little importance, since the sticking effort would seldom justify the benefits. Only for multi-user systems, which depend on the strict separation of individual user accounts, this could be a problem.
[Update] The security expert also reported that they could change the password of the logged on user with the command "dscl localhost-passwd / Search / Users / username" without knowing the previous password. If an attacker is already registered with a different user account on the system, it would irritate him little to change the password of the user. The owner of the account can not log in because more and the attack would immediately fly away. [/ Update]
Update: The last paragraph has been corrected. Unlike before, the command is given for changing the password for the currently logged on user account.