Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines , White Papers
'Apple Bugs' tussle gets snippy E-mail
by Stephen Withers   
Tuesday, 09 January 2007
Day 8 of the Month of Apple Bugs brings what appears to be a personal attack on one of the team that has voluntarily taken on the task of providing interim fixes.

Featured Whitepaper

5 Best Practices for Smartphone Support
The flaw utilised is that the standard permissions on the /Library/Frameworks folder allow an admin user (eg the default account created when Mac OS X is first set up) to gain root privileges without authenticating. Today's exploit uses this to give root privileges to Application Enhancer, which it then patches to provide a persistent backdoor into the affected system.

Using Unsanity's Application Enhancer for the proof of concept is an interesting choice. Not only is it the software used by the MoAB Fixes team to deliver several of its patches, but Rosyna Keller - a tech support person at Unsanity - is a member of MoAB Fixes and spoke out against the suggested coordination between the two groups.

In a blog posting subtitled "The Month of Trolly Trolls and Trolli Gummy Bears" on Unsanity's site, Keller suggested the Month of Apple Bugs was "being put on by someone with a severe need for attention."

In turn, today's MoAB disclosure by LMH and Johnny Pwnerseed states "If the developers [of Application Enhancer] have left a binary executed with root privileges at an user-writable path, they are certainly capable of doing other non-sense" and refers to "a jackass third-party which has no security background at all and spends more time flaming and insulting on a delusional IRC channel than on real work".

The workaround suggested by LMH and Johnny Pwnerseed is to "Stay away from Application Enhancer", however that would appear to leave the potential for similar exploits of other applications that put components into /Library/Frameworks. MoAB Fixes offers a more general workaround that changes to privileges on that folder. That change is easily reversed, but no guidance is given about when that might be necessary, and in any case repairing permissions will reset the privileges to their original state.{moscomment}

Tags See All Tags


Macintosh  Malware  Security  Software  Stephen Withers 
Powered By Joomla Tags

Please enable JavaScript in your browser to post your comment!
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 694,279
Subscribers 15,210
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

- Advertisement -

Featured Whitepapers

...More

Business & IT Transformation Roles

  Sydney CBD
Project C
...More
1