updated 10:15 am EDT, Tue October 23, 2001
Martin Ler, editor of the Czech Mac Magazine, writes about another OS X-related security hole (which has yet to be confirmed) that gives access to home folders via AppleShare:
"If you are Admin user on some machine (so you are NOT a root, which have access everywhere), you are not able to surf through home folders of another users. But when you will connect to the same computer through AppleShare (even on the same computer), with your name and passwd, you will got access to the disk and public folders of users and when you will mount disk, where users folders are, you can freele surf through and copy anythink and make any changes. Of course, you can do this through network too. For normal users (not admins) are accessible just public folders, so they can't access anything more, than they realy can. This security problem is just afecting users home folders, not System folder, so it's not possible to render system unusable."