Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Responds to Exploit

Posted by pudge on from the feature-not-bug dept.

Dave Schroeder writes, "This isn't so much of a root vulnerability as a default configuration that trusts the integrity of the local network services. This functionality has been around since NeXTSTEP, and is designed to allow for auto-configuration of new servers/machines brought into the network. The quick 'fix' for the vast majority of users who choose to implement it is to uncheck LDAPv3 and NetInfo altogether in Directory Access. Or, if LDAP services are used, just uncheck 'Use DHCP-supplied LDAP Server' in LDAPv3. ... One could argue that these features should be off by default, but if they are, it kind of wrecks the whole auto-configuration scheme." This sounds related to a great new feature in Mac OS X Server 10.3/Xserve called "automatic setup" that -- for machines that come with it preinstalled -- will get their address and LDAP server via DHCP and look for configuration files, and automatically configure the entire server, without any interaction beyond plugging it into the network and turning it on.

9 of 351 comments (clear)

  1. Who will watch the watchers? by Crypto+Gnome · · Score: 5, Insightful

    Realistically, an issue trusting the LDAP server that your DHCP server points you at?

    What is the world coming to?

    Do I need to manually verify every single setting supplied to me by my DHCP server because I don't trust it?

    These days, the internet is not a safe place, we all need to be more than just a little paranoid - but are you paranoid enough?

    --
    Visit CryptoGnome in his home.
  2. It's still an exploit by Anonymous Coward · · Score: 5, Insightful

    No matter what sort of spin Apple puts on it, it's still retarded of them to trust LDAP to the point that UID=0 is trusted to be root.

    Still, I don't think that this exploit is really that easy to take advantage of... the circumstances which would lead to it are fairly limited for now (until WiFi is as pervasive as air, anyway).

  3. Wireless attacks on local networks by Mundocani · · Score: 5, Insightful

    In many discussions, people downplay the importance of exploits like these because the attacker has to be on your local network to take advantage of the security hole. What about all of the mis-configured (or deliberately) open wi-fi networks out there? I think that wireless networking has changed the importance of "local exploits" by allowing somebody passing by to become a local entity on an open wi-fi network.

  4. No worse than DHCP itself by clasher · · Score: 5, Insightful

    This problem seems little worse than other problems related to DHCP. If someone had access to your subnet and was able to configure a rogue DHCP server (e.g. to exploit the OS X ldap bug) they could just as easily return a rogue proxy as the default gateway or a tainted DNS server. If you are not vigilant about SSH warning messages or best practices you could be connecting to a server which is just recording your password and passing it along to the real server.

    There may be something I missing, but this does not seem to be a problem with Mac OS X as much as it is with DHCP. DHCP in its simplest form is not secure. Using DHCP on a subnet requires trust. As with any other kind of security you will have to trust something, whether it is your computer or your home network.

    I hope people do not blow this bug out of proportion too much.

  5. Re:Home vs. Work by Rahga · · Score: 5, Insightful

    Besides, if it's possible for someone to sneak a compromised DHCP server on your network, you're basically screwed anyway.

    The janitors in my bank building could probably do this on multiple networks on multiple floors with ease. Heck, just drop a decently modded dreamcast under a secretary's desk or anywhere you can find a ethernet drop and weak switching.

  6. Re:It's an old argument by cgenman · · Score: 5, Insightful

    I'd find the "Microsoft security vulnerabilities are the fault of ease-of-use" argument a little more valid if Microsoft's software were actually vulnerable due to useful features.

    For example, the messenger service isn't used by anyone by spam senders, e-mail scripting was never a useful device to anyone, and a fragile, naked file system doesn't lend itself to easy usage anyway. A web browser that can be told to run arbitrary code due to a buffer overflow is not vulnerable because it is easy to use, but because it is poorly written. The autodetection of hardware and updating of drivers is very easy to use, and has (as far as I know) never been the source of an exploit.

    You can both have security and ease-of-use... Just design a closed system with very limited purposes. A Hub, for example, is extremely easy to use, and has few possible points of security vulnerability. Routers, on the other hand, are frequently a bit archaic in their setup and get hacked all of the time.

    That's not to say that your point is invalid, but that there are other factors involved... Flexibility, control, effort, etc.

    I guess the point of this is that if I have to re-install windows or edit the registry again before Christmas I'm buying myself an iMac.

    --
    The ______ Agenda
  7. Re:No, that's not so bad by Squozen · · Score: 5, Insightful

    I work tech support, and if I had a dollar for every Windows owner that didn't understand the difference between right and left-clicking I could buy Slashdot and every AC posting to it.

  8. Not Just Apple! by linuxislandsucks · · Score: 5, Insightful

    Ah ahem, several storage servers like Snap and etc also come with this 'feature'..

    and those run Linux...

    --
    Don't Tread on OpenSource
  9. Re:It's an old argument by cgenman · · Score: 5, Insightful

    Good advice overall, which any computer user should abide by. However, I'd like to point out a few things.

    First of all by "file system," I had meant the organizational file heiarchy in Windows, the portion that the OS sees. You can still break all of the links to a program by, for example, re-naming a folder. Many programs fail to work if installed on something other than the C: drive... Many of these are Microsoft's programs. The Windows folder is a hodgepodge of thousands of items, some of which are protected and some of which aren't, but few of which are intelligently laid out for either the user or the programmer. I agree that NTFS is a much better file system than Fat32 was (though the fact that Windows XP doesn't support 160 GB drives out of the box is pretty shameful), but what the OS does with it is shabby.

    Second, if you *ever* have to edit the registry, you're doing something very wrong. That's like saying that you should dismantle your entire car because one of your headlights is out.

    Actually, some programs treat registry settings like they were a preferences dialog. Zone Alarm, for example, like thousands of other pieces of software has an annoying splash screen that appears every time your computer boots, and the only place the preference exists is in the registry. Program registrations need to be backed up from and occasionally restored to the registry... It's just a bad idea to keep your copy restriction authentication and your preferences in the same structure, but that's exactly what Microsoft designed.

    As a game developer, and an out-of-work one at that, Windows does need to be reinstalled every 6 months or so... If the constant flow of test games doesn't get you, the constant flow of uninstallers will. Rolling back to restore points is useful, but A: it doesn't always work and B: it doesn't address the cumulative damage of accrued extensions.

    As an addition to your suggestions, the user needs to check what icons are in the bottom-right hand corner of their screen, and shut off what isn't needed. Many people I have spoken too don't realize that those are applications and not just quick-launch shortcuts.

    --
    The ______ Agenda