Re: Security Issue ... was[What happens to ...]
Re: Security Issue ... was[What happens to ...]
- Subject: Re: Security Issue ... was[What happens to ...]
- From: "John C. Randolph" <email@hidden>
- Date: Wed, 17 Oct 2001 09:27:38 -0700
On Wednesday, October 17, 2001, at 08:52 AM, James Bredijk wrote:
Cupertino, we have a problem!
While playing around with "NetInfo" as previously discussed, I found
that I can do bad things while posing as "root" - such as launch
"Keychain", and then delete root's keychains without entering root's
password. This was the first test that I did, so I'm sure that this is
just the tip of the iceberg.
I think the critical question is "Can this be done from a remote
session?" If I can telnet or ssh to a host, run NetInfoManager, kill
it, and then act as root, then that's Mac OS X's first remote-root
exploit.
-jcr
"I fear all we have done is to awaken a sleeping giant and fill him with
a terrible resolve." -Admiral Isoroku Yamamoto, Dec 7, 1941.