Information Security News mailing list archives

Mac OS X login passwords put at risk


From: InfoSec News <alerts () infosecnews org>
Date: Mon, 7 May 2012 03:46:09 -0500 (CDT)

http://news.cnet.com/8301-1009_3-57428748-83/mac-os-x-login-passwords-put-at-risk/

By Jonathan E. Skillings
Security & Privacy
CNET News
May 6, 2012

Last update: 1:20 p.m. PT

Users of the Lion version of Mac OS X will probably want to update their log-in passwords.

Security researcher David Emery warns of a new vulnerability involving the FileVault feature in Mac OS X Lion, version 10.7.3, which allows for encryption of certain directories. He writes:

    Someone, for some unknown reason, turned on a debug switch
    (DEBUGLOG) in the current released version of MacOS Lion 10.7.3
    that causes the authorizationhost process's HomeDirMounter
    DIHLFVMount to log in *PLAIN TEXT* in a system wide logfile
    readable by anyone with root or admin access the login password of
    the user of an encrypted home directory tree ("legacy Filevault").

    The log in question is kept by default for several weeks...

    Thus anyone who can read files accessible to group admin can
    discover the login passwords of any users of legacy (pre LION)
    Filevault home directories who have logged in since the upgrade to
    10.7.3 in early February 2012.

[...]

