[Ti] Intel Mac Mini? (OT)
themacuser
themacuser at gmail.com
Sat Feb 25 22:48:45 PST 2006
On 26/02/2006, at 4:00 PM, John wrote:
> On Feb 25, 2006, at 11:25 PM, Chris Olson wrote:
>
>> On Feb 25, 2006, at 9:56 PM, Mikael Byström wrote:
>>
>>> Chris, wouldn't changing umask prevent the exploit from gaining
>>> access?
>>
>> No because everything happens outside the shell until Launch
>> Services calls the shell to run the code. By that time it's too
>> late.
>>
>>> If I try it, will it only delete the current user account, or all?
>>
>> The current user account only. However, we've found that on admin
>> user accounts we can modify system settings and/or place hidden
>> files/folders/binaries at the root level in /Library or /
>> Applications too. We're still tweaking the code, trying to figure
>> out exactly how much damage we can do.....
>> --
>> Chris
>
> I guess the *slightly* more important question would be, have you
> notified Apple of the vulnerability and/or is Apple (already) aware
> of it? I've been under the assumption that they do not always
> respond immediately to threats.
I'd say that they are aware of it.
http://www.apple.com/macosx/feedback/
Send them a comment. Tell them to hurry up and fix it.
More information about the Titanium
mailing list