• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Security
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security


  • Subject: Re: Security
  • From: Axel Luttgens <email@hidden>
  • Date: Sat, 19 Sep 2009 00:19:55 +0200


Le 18 sept. 2009 à 21:38, Luther Fuller a écrit :

My scripting activities lead me to looking into which users can open a sparsebundle created by another user. While doing this, I noticed something I don't think I like.

I have two startup disks: 10.6.1 on my internal HD and 10.5.8 on an external FW HD.

1. A standard user on the 10.5.8 external HD can read the Home folder of any standard (but not admin) user on the 10.6.1 internal HD.

2. A standard user on the 10.6.1 internal HD can read the Home folder of any user (including admin) on the 10.5.8 external drive.

Apparently, if I wanted to snoop, I could carry around an external 10.6.1 FW startup drive and see things you wouldn't want me to see.

Do you see a bug here?

No, because the way permissions on a volume are honored depends on the way that volume is mounted by the OS or on the way a daemon (say, AppleFileServer) takes those bits into consideration for sharing the data.
Those r/w bits associated to files and directories are just... bits, and they don't preclude anyone having a physical access to the drive from reading the drive's contents.
If one wants secure storage, the only way is to encrypt the data put on that storage.


Axel _______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users

This email sent to email@hidden
References: 
 >Security (From: Luther Fuller <email@hidden>)

  • Prev by Date: Re: Security
  • Next by Date: Re: cron/Launchd Editor
  • Previous by thread: Re: Security
  • Next by thread: Speakable Item and SpeechRecognitionServer
  • Index(es):
    • Date
    • Thread