updated 06:10 pm EDT, Tue October 30, 2007
Leopard firewall flaw
Security experts have analyzed Apple's Mac OS X 10.5 Leopard firewall, and have declared the feature unreliable, according to heise Security. Firewalls are designed to prevent unwanted traffic -- such as denial of service attacks -- from entering a secured network, and are configured to prevent unauthorized access by intruders. The firewall in Mac OS X Leopard, however, comes pre-configured to allow all incoming connections and even deactivates previously-enabled firewalls when upgrading to Leopard. What's more, even when configured to deny all incoming connections the firewall still allowed incoming connections in one test.
"A number of peculiarities emerged in the course of testing. A newly booted MacBook refused time synchronisation - only to permit it a few moments later for no apparent reason without any changes to the security settings having been made. Further, it is not clear at what point Mac OS X starts which services, or how it decides which of these should be accessible and which should not."
The results mean Mac users can't rely on the firewall included with Mac OS X Leopard, according to the experts, because even if users choose to block all incoming connections potential attackers can continue to communicate with system services like the time server.
"Both system services run as root and do not appear to be supported by Leopard's new sandbox functions. If, therefore, a security problem which can be exploited remotely to inject and execute code is detected, an attacker could gain complete control over the system - with all the consequences this entails, right up to mass distribution via a worm."