Home page logo
/

bugtraq logo Bugtraq mailing list archives

Mac OS 9 Multiple Users Control Panel Password Vulnerability
From: Todd Kirby <kirbyt () YAHOO COM>
Date: Fri, 29 Dec 2000 13:53:57 -0800

Mac OS 9.04 comes with a 'Multiple Users' Control
Panel that allows an administrator (called 'Owner') to
create user accounts (called 'Normal' users) with
limited access to the computer.

The problem is that the Owner password can be removed
by a Normal user by moving the 'Users & Groups Data
File and logging back in using the Owner account,
giving full access to the machine.


Exploit:
--------

Log in as a Normal user. Find the file called 'Users &
Groups Data File' in the Preferences Folder and move
it to another location. Log out and back in using the
Owner account.

Result: No password is required to log in as the Owner
user. User now has full access to the computer,
including the ability to make changes in the 'Multiple
Users' control panel.

The previously moved 'Users & Groups Data File' can be
moved back into the Preferences folder to restore the
original Owner password making detection difficult.


Configuration
-------------

Mac G3 and G4 with OS 9.04.


Solution:
---------

Use ‘Limited’ instead of ‘Normal’ when setting up user
accounts. This will protect the Preferences folder
from being altered.

I attempted to notify Apple but their bug reporter
form requires joining the Apple Developer Connection.

Todd Kirby
Web Applications Developer
Walt Disney Television Animation


=====
"Blinky lights are the essence of technology. Everything
else is fluff."

__________________________________________________
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]