Mac OS X - Epic Fail
Thursday, June 19th, 2008While getting up to speed with Slashdot, I found an interesting article about a security breach on Mac OS X that allows user escalation through AppleScript.
Trying it on the terminal works, but, as they say, the user needs to have physical access to the machine. So, Patrício suggested trying to access through SSH to see if it works, and it did.
Slashdot member gombah99 posted a tip on how to neutralize it non-destructively:
-
cd /System/Library/CoreServices/RemoteManagement/
-
sudo tar -czf ARDAgent.app.gz ARDAgent.app
-
sudo chmod 600 ARDAgent.app.gz
-
sudo rm -r ARDAgent.app
Here’s to you, Apple Un^H^HSecurity Team!
