
Full Disclosure mailing list archives
Re: Vulnerability in Terminal.app
From: Timo Schoeler <timo.schoeler () macfinity de>
Date: Wed, 19 Nov 2003 22:24:52 +0100
hi,

yes, you gotta have physical access. additionally, it must be in an environment the user (who owns/operates the machine) trusts that much that (s)he leaves the machine _logged in_ *and* puts it into sleep mode.

don't think it's a big problem. if you don't trust your environment that much (okay, say, you know they won't take away your mac -- even if it's a g5 or so ;), just log off. in this case someone might use the system cd, boot off it and use the 'reset password' function it implements.

but after all, if you have _physical access_ to a machine -- you're lost. imho that 'bug' is like complaining that fort knox does not register every single bill they store in their most secure safe ;)

--
so long,

timo

Jesus loves you... but Satan has candy.
In order for someone to exploit this, wouldn't they need physical access? And if they had physical access they could simply just boot into single user mode (enabled by default), or off a cd (enabled by default), or simply steal the machine.

On 11/19/03 12:27 PM, "hays () ibiblio org" <hays () ibiblio org> wrote:

--On Wednesday, November 19, 2003 12:00 PM -0500 full-disclosure-request () lists netsys com wrote:

There is a work-around for this vulnerability of course - actually several.

1. Never use sudo (not particularly practical).
2. Never put your box to sleep after a sudo unless at least 5 minutes (or whatever your interval is set to) have passed.
3. Issue either the 'sudo -k' command or the 'sudo -K' command before putting your box to sleep - make it a habit no matter if you remember issuing an ordinary sudo recently or not - 'just in case'.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html