Home
macOS
Issue with persistent user creation through live terminal session

Issue with persistent user creation through live terminal sessionSolved

Participant

1 week ago

Hey folks,

I ran into something odd while using Live Terminal on one of my Mac devices, and I’m hoping someone can clear this up.

So, after running a session, I noticed a new local account popped up — something like Hexnode-RMM-. Naturally, I checked it out, and it turns out this account:

Exists in the system directory with its own UID and home folder.
Shows up in the /etc/sudoers file with full passwordless sudo access.

The bit that threw me off is even after I closed the Live Terminal session, the user stayed on the device with admin privileges intact. Our compliance scan actually flagged it as a potential security risk.

Is this normal behavior?

Shouldn’t this user be cleaned up automatically once the session ends, or are we supposed to handle that manually?

Just want to be sure I’m not missing something here, especially with that unrestricted sudo access sticking around.

Replies (1)

Marked SolutionPending Review

george

Hexnode Expert

1 week ago

Marked SolutionPending Review

Hey @alice_grey,

Thank you for bringing this up. Our team has already started digging into this behavior. It definitely makes sense to be cautious. We’re checking how the session cleanup works on macOS devices and making sure that the temporary RMM account behaves as intended. I’ll keep this thread updated once we’ve rolled out a fix. Really appreciate you reporting this in such detail.

Regards,
George
Hexnode UEM

Save

Issue with persistent user creation through live terminal sessionSolved

Tags

Replies (1)

Leaderboard

Popular Tags

Issue with persistent user creation through live terminal sessionSolved

Tags

Replies (1)

Related Topics

Leaderboard

Popular Tags

Login to Hexnode Community