Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Update Fixes the Screen Effects Hole

Posted by pudge on from the mmmm-overrunning-buffers dept.

jellomizer writes "Here is is. Available from Software Update. 'Security Update 2003-07-14 addresses a potential vulnerability when a password is required upon waking from the Screen Effects feature, which could allow an unauthorized user access to the desktop of the logged in user.' Now we can use our screen savers with the warm and fuzzy secure feeling."

8 of 94 comments (clear)

  1. W h e r e . . . by dlosey · · Score: 5, Funny

    is is? I cannot seem to find "is". I feel so lost!

    Sure can tell its Monday afternoon - editors are still recovering from the weekend

    Could pudge or jellomizer please post a hyperlink? Thanks!

  2. Versions by hackwrench · · Score: 5, Interesting

    Anybody have any idea what files this updates and what version it updates those files to?

  3. Re:went witout a hitch by qengho · · Score: 5, Funny


    i just hope that one day updates won't require a restart.

    Ain't it annoying? How the hell am I going to get my uptime past 30 days or so if I keep having to restart because of patches? Curse you, Apple, for fixing things on a regular basis!!

  4. Re:went witout a hitch by whee · · Score: 5, Informative

    This updates a system framework, which is likely in use by multiple, running, applications. The safest way to ensure everything is operating as it should is to require a restart. Had this been an update of something else, like a user-level application or daemon, then the restart would not have been required.

    You have to remember that this is an operating system for the masses and their desktops. I'm sure this update could've not required a restart, but what if something went wrong? Would your grandmother know how to make sure the current version of a shared library is loaded for her applications?

  5. Re:went witout a hitch by 47Ronin · · Score: 5, Informative

    Noone's forcing you to restart. I just opened up the Mac's Terminal.app and:

    % sudo softwareupdate SecurityUpd2003-07-14-1.0

    [wait for install to finish]

    Installing "Security Update 2003-07-14"... 98% 98% 99% 99% 99% 99% done.

    You have installed one or more updates that requires that you restart your
    computer. Please restart immediately. ...After that I just closed the Terminal. I keep on working and at the end of the day, if I feel like restarting I will. I will also upgrade my OSX webserver this way, and probably never restart it until a real major upgrade occurs.

    --
    Those who laugh at you for you having a Mac.. are the people who constantly call you to fix their PC.
  6. Re:went witout a hitch by Acrimonious+Coward · · Score: 5, Informative

    For and update to an application library (Cocoa in this case), you don't really need to restart, you just need to quit all Cococa apps, this includes the Login Window. To accomplish this, do the following:

    1. download and install the patch. 2. log out, if you can. 3. type ">console" or maybe even ">exit" in the user name field of the login window. 4. once in the console, I believe a ctl-D will restart the login window.

  7. Here's a reason this IS important by jnetsurfer · · Score: 5, Interesting

    I know that you can gain access to my machine by rebooting and changing the root password. I know that you can get around the open-firmware protection. I know that a screen saver doesn't protect my hard drive from someone opening my machine and taking it... but I am still very thankful for this update. Why? Because I encrypt my entire home directory. (Via the method I mentioned here a while ago). So, the "lock screen" option is very important to me -- If you reboot my machine, my home directory is once again encrypted. So the Screen Saver password does have it's place.

  8. For those preferring to not use SU by blb · · Score: 5, Informative

    Apple's page for the update, if you prefer to download manually.