Bugtraq mailing list archives

Re: nidump on OS X

From: Bryan Blackburn <blb () pobox com>
Date: Tue, 17 Sep 2002 09:54:37 -0600

Disabling nidump wouldn't help, as this is NetInfo being a little too
generous.  You can also use, for example, niutil:

niutil -read . /users/root

You'll note nidump isn't setid-anything, so someone can simply copy it
from another machine.

Bryan


On Sep 15, 2002 14:28, Dale Harris stated:

Basically any normal user can get a dump of the passwd file and attempt 
brute force attacks on the encrypted passwds, it includes the root passwd.

This problem has been around for well over a year, but Apple ignores it:

http://www.securitytracker.com/alerts/2001/Jul/1001946.html
http://online.securityfocus.com/archive/1/211718

However Apple hasn't seemed to bother addressing it yet since it still persists
in OS X.2 (Jaguar).  You'd think they might have taken the opportunity to fix
this problem with a new major release.

This obviously isn't such a big problem when you are dealing with only
limited access desktop systems, but Xserve exists now, and I would think
it'd be a bigger concern.  Course you could always chmod 700 nidump.

-- 
Dale Harris   
rodmur () maybe org
/.-)

Current thread:

nidump on OS X Dale Harris (Sep 17)
- Re: nidump on OS X Jason A. Fager (Sep 18)
  - Re: nidump on OS X Blake Watters (Sep 19)
- Re: nidump on OS X Bryan Blackburn (Sep 18)
- Re: nidump on OS X Martin (Sep 18)
- Re: nidump on OS X John C. Welch (Sep 18)