ITSD Computing and Communications Services News
November, 2003

CCS News Home
Back Issues
Computer Security
Help Request
Software Downloads
Computer Backups
Buy a Computer
Suggestion Box
Email
Calendar
Onsite Computer Training
ITSD
CIS
ISS
NTD
TEID
  Three New Vulnerabilities Found in Mac OS X 10.2.8

Three new vulnerabilities have recently been discovered in Mac OS X 10.2.8:
  1. A Mac OS X system can be configured to create a record of the state of the system when it crashes. Such a record is called a core file, but the creation of these files is disabled by default in OS X. In systems running with core file creation enabled, perpetrators with interactive shells may be able to overwrite or read core files that root processes have created, potentially compromising sensitive information such as authentication data. The best solution is to upgrade to Mac OS X 10.3; if this is not feasible, a good workaround is to disable core file creation.

  2. Dragging folders from a disk image to install an application may result in weak directory and file permissions, making directories and files used by numerous applications world writable. Additionally, when new applications are installed with a vendor-supplied installer, certain default directory and file permissions may be too loose. Perpetrators with access to a file system may consequently be able to swap harmless programs with Trojan versions, potentially allowing privilege escalation. Upgrading to MacOS X 10.3 solves the dragging problem, because the new system preserves permissions when copying folders. A workaround is to use the Get Info command in the File menu of Finder to change ownership and permissions after dragging folders.

  3. It is possible to make the kernel crash by sending an excessively long command line argument. The only solution so far is to upgrade to Mac OS X 10.3.

Apple has announced that it will create Security Updates for these vulnerabilities sometime in the near future.