Re: Cocoa can be used to execute arbitrary (privileged) code !
Re: Cocoa can be used to execute arbitrary (privileged) code !
- Subject: Re: Cocoa can be used to execute arbitrary (privileged) code !
- From: Jerry LeVan <email@hidden>
- Date: Fri, 20 Jun 2008 00:10:15 -0400
On Jun 19, 2008, at 11:39 PM, Jens Alfke wrote:
It might not be a bad idea to proactively disarm this vulnerability
on your own machine(s), as I just did:
sudo chmod -s System/Library/CoreServices/RemoteManagement/
ARDAgent.app/ARDAgent
That turns off the setuid bit. I'm sure that'll break Remote Desktop
functionality, but that's still preferable to having your machine
pwned. (And it can be fixed by using Disk Utility to repair
permissions.)
—Jens
I removed my user name from the "allow access from only these users"
and the
hack quit working...
I added myself back in and turned on all of the options and the hack
still
does not work...
I checked the ARDAgent executable and the suid bit is still set.
Very Strange.
Jerry
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden