Full Disclosure mailing list archives
Re: NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
From: K F <kevin () trifinite org>
Date: Wed, 23 Aug 2006 09:13:07 -0400
Propaganda Support wrote:
I must have missed that man page. I can't find the one that says if you don't have the password for user X then you are not user X.Then you aren't an admin user. You're using someone else's admin account. This is not simply arguing over semantics. These concepts are well defined on Unix-based systems.
I assume you never considered that folks do gain access to peoples accounts from time to time... so just for the sake of argument.... say I take advantage of the latest lets say Bluetooth bug in OSX that allows me to obtain the privileges of the logged in user. I have caught you with your Bluetooth chip enabled and have managed to get a remote shell on your computer while you are logged in as an admin level user. I am now an admin level user regardless of having your password or not... (sure I can rm your home dir but I can't add a user or do anything else root level) By your understanding of an admin user it seems as if you have absolutely NO problem with me as an attacker simply making my self root at this point. You seem to hold no differentiation between someone that has gid=admin and root regardless of if they have a password or not.If your argument is based primarily on allowing others to have access to an admin account which is not theirs (i.e., for which they do not have the password), then you really don't have much of an argument. In general, this is a VERY BAD IDEA, and is completely unnecessary on a multi-user system like OS X.
I am guessing that you also do not see an issue in the behavior of not re locking control panel (like OSX does by default) item as well?
-KF
Kind Regards, -jeff --Jeff Holland http://propagandaprod.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ] Propaganda Support (Aug 23)
- Re: NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ] K F (Aug 23)
- <Possible follow-ups>
- NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ] Propaganda Support (Aug 23)