http://www.macnn.com/articles/01/10/17/security.exploits/

Security exploit gives root access

updated 12:20 pm EDT, Wed October 17, 2001

 


Scott Anguish has posted details of a "serious security exploit" in OS X 10.1 that allows any user at the Desktop to gain root access to the machine.


by MacNN Staff


Comments

  1. urbnite

    Fresh-Faced Recruit

    Joined: Oct 2001

    0

    hmmm...

    I started a thread about this yesterday. If anyone's interested, it's here:

    http://newforums.macnn.com/cgi-bin/ultimatebb.cgi?ubb=get_topic&f=33&t=005722

  1. \0

    Joined:

    0

    Scary!

    Wow. That is scary! Hope Apple releases a patch soon!

  1. Joined:

    0

    Appropriate disclosure

    I discovered this earlier as well.
    I thought it was more appropriate to file a bug with Apple than to blab about it all over the net.
    Sheesh. Why not just give instructions on how to make and distribute Anthrax, Scott!

  1. hayesk

    Professional Poster

    Joined: Sep 1999

    0

    Re: Appropriate

    Most people won't be affected since you need to be sitting at the machine to do damage. It's not that scary.

    Only lab administrators should be nervous. I would imagine the workaround is to have the prefs file to show 0 recent items, and change the permissions on the prefs file to be owned by root with only read access to the user.

  1. sanguish

    Fresh-Faced Recruit

    Joined: Oct 2001

    0

    Re: Appropriate disclosur

    I wrote up the details of the bug, ONLY after it had been discussed publicly. And it was already on its way to the SecurityFocus mailing list by another source.

    As well, before I published the article, I confirmed with Apple that a fix is already in testing.

    I acted responsibly with this.

    By knowing that the bug is there, and methods of disabling it, you are BETTER prepared to deal with it.

    And claiming any relationship to "anthrax" is stupid. First, Anthrax is killing people -- let's not forget that. Second, the situation is much more akin to telling people that there is a danger.. something very important in the field of N/B/C type threats.

  1. Joined:

    0

    Re: Appropriate disclosur

    As the one who apparently "disclosed" this, I have this to say:

    It seems to me that it'd be better to let people know so that they can do something about it until Apple does something. Or maybe wait to adopt OS X until Apple does something about it. I thought about not saying this, but then I realized that someone else will figure it out at some point and could use it maliciously. So why not warn people? Why not put the pressure on Apple to fix it sooner? They certainly haven’t fixed it in the 6 months that OS X has been officially released, let alone how long before that?

    I did report it to Apple as well, if you read earlier in the thread.

    And how can you possibly compare this to giving instructions on how to make and distribute Anthrax? In this time of national crisis, you dare to compare a (relatively) minor security problem in a new OS to something with the potential to kill thousands of people? You need to put some things in perspective, or at least think about what kind of light-hearted jokes/references you make in a public forum.

  1. \0

    Joined:

    0

    Just as an example...

    I put this through its paces. Scary indeed:

    1. Log in as a regular, non-admin user.
    2. Launch Disk Utility. (NetInfo works, but PrintCenter did not for me)
    3. Select Apple menu : System Preferences.
    4. Click on Users, and delete other users, including admins, to your heart's content.

    Yikes!

  1. \0

    Joined:

    0

    Whoa.

    Tried that last sequence at a school lab.

    Having launched the "rooted" System Preferences, you can "delete" other users, but it does not really delete their files, which isn't so bad.

    But, you can make yourself a brand new, admin user. Then you can delete all the other users, and assign their files to your new admin user.

    After that, you could destroy everyone else's files if you so chose.

    The "regular" user that I used for this didn't even have a login password, by the way. (It was a "Web browser" user)

  1. zadig

    Fresh-Faced Recruit

    Joined: Mar 2001

    0

    Not such a big deal

    You can crack just about any machine you have physical access to. It's not as if this is a network vulnerability.

    Yes, Apple should release a patch, and yes, it's good that we all know and can avoid the hole, but it's not as big a deal as being able to compromise the system from anywhere on the Internet (as with IIS or something). Lighten up.

  1. billybob

    Mac Enthusiast

    Joined: Apr 1999

    0

    Who cares

    As was said by a few people... if someone has PHYSICAL ACCESS to your machine, they can do anything they want, and there's not a damn thing you can do about it. If they can't get root access, they can take out the hard drive, put it in another machine, and get access to anything on it they want.

    If it was a bug that could be exploited through remote shell, THEN we would have a problem.

    I'm as concerned about this as I am concerned about getting anthrax. In other words... NOT VERY
