|
Full Disclosure
mailing list archives
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability
From: "Brian K." <codesamurai () mac com>
Date: Thu, 19 May 2005 11:07:43 -0400
The issue is *any* application shouldn't have the ability to gain
administrative control (by waiting for sudo [intended for something
else] to be done).
Self correction/elaboration note: Sorry, that was a tad terse to the
point of being incomplete. It was intended to be framed in the
context of what was already discussed in this thread. (i.e.
something else doing the sudo intended for its own purposes, etc.,
all of which everyone is already well aware of.)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability, (continued)
Ports used by trogens Brian Phillips (May 21)
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Brian K. (May 18)
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Brian K. (May 19)
- Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Brian K. (May 19)
|
Intro
