
I suppose it's different if an unauthenticated user can perform a password change with the system powered on, but similar things can be done with Windows and a Linux live CD with some tools, and Linux passwords can be changed in "single user" mode.



You can also just pop in the OS X CD and change the password at boot.


You can not decrypt Filevault that way, though.


Does this problem allow file vault access? Unless I read it wrong (totally reasonable in my jet lagged state), this won't reset your keychain either.


`dscl` should change the FileVault disk password for the associated user as well.

Note that if you're able to run `dscl`, the disk has already been unlocked and is insecure. You may as well just copy any interesting data while you're there.


I'm wondering the same thing. I use filevault, but I don't feel like messing it up by changing the password this way.

I wonder if you can reset the password and use that password to simply disable the filevault.

Btw. My five cents. Write a script to:

1. change the current user's password to X
2. sudo "something really bad"
3. use password X

And there is a virus that can do anything on a Mac. If you can change the password of the current user and he/she is an administrator, then any application can escalate to SU.


Yeah, with this I'd be worried about something doing that, making a new hidden user and then setting the password on the original account back, leaving no immediately visible signs that anything is wrong.


Reverting the pw assumes you knew it in the first place, and thus didn't need to change/reset it.


The article also shows how you can obtain the current password hash without knowing the password - so you might be able to stash that away, and then surgically put the old hash back once you're root.


You can easily disable the ability to boot a Mac OS X CD or DVD and change the password using Open Firmware password protection: http://support.apple.com/kb/HT1352



