Core Dump
Stephen Withers turns his gaze on the world of Apple, with detours into other aspects of IT and communications as they catch his attention.
SubRosaSoft has me stumped
by Stephen Withers   
Friday, 14 March 2008
As Stuart Corner pointed out, SubRosaSoft's MacForensicsLab recently published a white paper describing the history of malware and recommending some changes that Apple could make to improve Mac OS X security. But would those changes really help?

The biggest flaw in SubRosaSoft's argument is the incorrect assertion that the Applications folder is totally unprotected. In a standard setup, only the system and admin groups have write access, so a normal user can't add or modify files in that folder.

Similarly, ordinary users have read-only access to individual applications such as iTunes. You need to be in the system or admin group to gain write access.

(This is where you can criticise Apple for its default 'single-user is admin' setup if you wish, but I can't accept an argument that a user with admin rights is an ordinary user.)

The first page of Stuart's article slightly misquotes the SubRosaSoft paper. The idea put forward is not that you would replace (e.g.) iTunes in the Applications folder, but that you would change the executable code within the iTunes bundle.

Let's assume for a moment that there is a way of escalating privileges that would allow such an attack from a normal user account. What would stop someone from replacing executable code even if Apple didn't use bundles? The same strategy would still work. A bundle is just a folder that the OS presents to the user as a single file.

At least some users have to have write access to the Applications folder, or they wouldn't be able to install applications there so that they are available to all users. Given that files can be hidden, I really don't see how bundles make any real difference to security either way.
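The permission argument above can be checked on a given machine. The following is an added example, not code from the SubRosaSoft paper or from Apple: it walks an application bundle as the ordinary folder it is and reports every entry whose mode bits would let someone outside the trusted groups modify it. Directories are included because a writable directory lets its contents be replaced even when the files themselves are read-only. The function name and the `trusted_gids` parameter are hypothetical, and ACLs are not examined.

```python
import os
import stat


def audit_bundle(bundle, trusted_gids=frozenset()):
    """Return (path, reason) pairs for entries a non-admin user could modify.

    Judged on mode bits only, so the result does not depend on who runs it.
    trusted_gids is a hypothetical parameter: numeric ids of groups that are
    allowed to hold write access (for example the machine's admin group).
    """
    findings = []
    paths = [bundle]
    # A bundle is a plain directory tree, so os.walk sees everything in it.
    for dirpath, dirnames, filenames in os.walk(bundle):
        paths.extend(os.path.join(dirpath, n) for n in dirnames + filenames)

    for path in paths:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            continue  # a symlink's own mode bits are not meaningful
        kind = "directory" if stat.S_ISDIR(st.st_mode) else "file"
        if st.st_mode & stat.S_IWOTH:
            findings.append((path, f"world-writable {kind}"))
        elif st.st_mode & stat.S_IWGRP and st.st_gid not in trusted_gids:
            findings.append(
                (path, f"{kind} writable by untrusted gid {st.st_gid}")
            )
    return findings


if __name__ == "__main__":
    import sys

    # Usage: python audit_bundle.py /Applications/Some.app
    for path, reason in audit_bundle(sys.argv[1]):
        print(f"{reason}: {path}")
```

An empty result means that, as far as mode bits go, only the owner and the trusted groups can change the bundle's contents.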



 