[原文]Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username.
Mac OS X contains a flaw that may allow a local denial of service. The issue is triggered when the 'loginwindow' application has been configured to display the login window as 'Name and password' and the 'Show the Restart, Sleep, and Shut Down buttons' option is disabled. By providing '>restart', '>power' or '>shutdown' in the username field of the login window, a malicious user can force a reboot or shutdown of the machine without providing a password first resulting in a loss of availability.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.