Information Security News
mailing list archives
Major security hole found in OS X 10.1
From: InfoSec News <isn () c4i org>
Date: Thu, 18 Oct 2001 02:42:18 -0500 (CDT)
Insanely Great Mac
October 17, 2001
Mac OS X 10.1 users will want to take note of a local security hole.
The X 10.1 bug allows anyone to gain root access via the Terminal.
The security hole can be used on any Mac OS X 10.1 local terminal.
Using the exploit, anyone can gain root access via the Terminal
For most Mac users this may to be too big of a deal, since under OS 9,
most anyone with access to the desktop essentially already has
administrative level access. However, for those depending on OS X's
security for either multiple user security or system integrity, may be
in for a surprise.
To access the exploit:
- Log into OS X 10.1 under any user.
- Open the Terminal application, then quit the application
- Open the NetInfo Manager application and keep it as the foreground
- Open the Terminal application from the Recent Items Menu.
You will then be logged in as root in the terminal.
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
- Major security hole found in OS X 10.1 InfoSec News (Oct 18)