Re: Cocoa can be used to execute arbitrary (privileged) code !
Re: Cocoa can be used to execute arbitrary (privileged) code !
- Subject: Re: Cocoa can be used to execute arbitrary (privileged) code !
- From: Derek Chesterfield <email@hidden>
- Date: Fri, 20 Jun 2008 05:18:33 +0100
On 20 Jun 2008, at 05:10, Jerry LeVan wrote:
On Jun 19, 2008, at 11:39 PM, Jens Alfke wrote:
It might not be a bad idea to proactively disarm this vulnerability
on your own machine(s), as I just did:
sudo chmod -s System/Library/CoreServices/RemoteManagement/
ARDAgent.app/ARDAgent
That turns off the setuid bit. I'm sure that'll break Remote
Desktop functionality, but that's still preferable to having your
machine pwned. (And it can be fixed by using Disk Utility to repair
permissions.)
—Jens
I removed my user name from the "allow access from only these users"
and the
hack quit working...
I added myself back in and turned on all of the options and the hack
still
does not work...
I checked the ARDAgent executable and the suid bit is still set.
Very Strange.
That 'fix' didn't work for me. Perhaps your ARDAgent process hasn't
quit?
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden