Root services are running at all times in Unix, a security hole allows an unauthorized user to take over
the service, that's what most of the security holes in Windows NT based systems are dealing with these
days. There used to be several very large holes in UNIX so I don't doubt that there are more. Don't
expect that a login is required to take over the service, the fact that it isn't required is what makes it a hole.


Antonio Aparicio wrote:

Yeah, given you would have to log on as root it sounds like a non issue - and logging on as root is not something that is easy to do by mistake, nor would ever really need to do. Waiting to see what Apple has to say about it. As a normal user you would have to use sudo, which prompts for admin password, hence no big threat.

Antonio

On 19 May 2004, at 13:58, graywolf wrote:

It means remove (rm) recursively (-r) with a forced (-f) override of permissions all files starting with the root (/) directory. If run as root (systems administrator) it will erase all the files on the filesystem.

Sounds insane, but it allows remote upgrades over the network because it will leave the system running and you can restore the files from another server. All unix systems that I have seen do assume they are being administered by someone who knows what they are doing. That tends to go with the territory of being a multiuser system.

BTW, network connected unix systems should never be run as root except when being worked on. Always run from a user account. If someone can get into your system as root they can do anything they want with it from just about anywhere.

BTW, does Apple tell you any of this?

--

Cotty wrote:

Hot on the heels of the assurances that OS/X is secure, and not
susceptible to the same sorts of exploits Windows suffers from,
comes the news that there's a gaping great hole in OS/X as shipped.

Basically, the AppleHelp service can be used to execute an
arbitrary shell-level script.  (rm -rf /, anybody?)

I'd suggest any OS/X users here might want to disable that service.


John, can you put that into plain language for me? thx.



rm -rf /
means: make up some space on those quite-full disks, you'll probably need it.
but also means: lose all your data and Operating System too.


Personally I prefer rm -rf .

that first deletes your data.  (to be sure)

;)

On how to disable this service, I really don't know.
I haven't a Mac.
But Mac is all about mouse, so there should be some option called

"AppleHelp"

(as Cotty suggested) somewhere. Cotty is suggesting to disable it, I don't know if there are any drawbacks.

No - I don't have a clue what you're talking about. I need an idiot's
guide here. Personally I might prefer rm -rf *if I knew what the hell it
was*!
Cheers,
Cotty
___/\__
|| (O) | People, Places, Pastiche
||=====| www.macads.co.uk/snaps
_____________________________


--
graywolf
http://graywolfphoto.com/graywolf.html







