Wednesday, June 28, 2006

Mac OS X security hole

The Alastair's Place has a post mentioning a security hole in Mac OS X, where is is possible for an arbitrary application to get the admin password.  Once this happens, it would be possible for it to execute arbitrary code.  This hole allows any application to present the Admin Authentication dialog and make it look like it is coming from a trusted application.

Alastair reported this to Apple in 2003, but Apple hasn't responded.  I am not sure what they can do, since any application can make a dialog appear like an authentication dialog, even without using the standard system call.

Unfortunately, I don't see a way to easily determine if an application is using this trick.  It looks like the process name that is displayed in top and ps is the value from argv[0].

[via The Apple Blog]

Technorati Tags: ,

No comments:

Post a Comment

Revolutionizing Air Quality Monitoring: How I Upgraded Our System with Mila Integration for Smart Home Automation

In this blog post , I explained how I set up an air quality monitoring system for our neighborhood. With this setup, we can keep an eye on t...