Wednesday, June 28, 2006

Mac OS X security hole


The Alastair's Place has a post mentioning a security hole in Mac OS X, where is is possible for an arbitrary application to get the admin password.  Once this happens, it would be possible for it to execute arbitrary code.  This hole allows any application to present the Admin Authentication dialog and make it look like it is coming from a trusted application.


Alastair reported this to Apple in 2003, but Apple hasn't responded.  I am not sure what they can do, since any application can make a dialog appear like an authentication dialog, even without using the standard system call.


Unfortunately, I don't see a way to easily determine if an application is using this trick.  It looks like the process name that is displayed in top and ps is the value from argv[0].


[via The Apple Blog]


Technorati Tags: ,