It's not a Feature, It's a Vulnerability!
pmeunier writes "Apple's security stance is stunning. In the latest (10.3.9) update, Apple removed two capabilities because they pose security risks. One of them is the capability to run setuid and setguid scripts (the other was actually unused). Can other commercial OS vendors (how many are there :) adopt a similar stance? Will you be inconvenienced by the inability to run setuid scripts on MacOS X? Which other features/capabilities (in any OS) would you like to have removed?"
And your dick is vulnerable to getting STDs, so the only 100% effective way to deal with this is to remove... oh, wait...
*sigh*
I really, really hate developers who shove things like this down users' throats.
I support the Center for Consumer Freedom
Microsoft has credo "Where do you want to go today?" - which I changed to "Which virus do you want to get today?". Now Apple comes along and I have to change this to fit new Apple strategy: "Which OS feature we will disable today?" :)
I don't know why this get's it own news article on /. I mentioned this at the time in the 10.3.9 thread. Not exactly like it's new news.
But as I explained Apple are too trigger happy with security stuff and they only do that look cool to the computer press illuminati.
Perhaps what happened is they suddenly saw a scenario where SUID/GUID could be a very prolific attack mechanism. It's not worth worrying about though is it, seeing as only 3% of the world use Macs.
"Which other features/capabilities (in any OS) would you like to have removed?"
None! Fuck off. It's not the features that cause security problems it's the end user.
Although Apple like to stamp all over security stuff to be seen as tough, there have been plenty of silly ass mistakes which shouldn't have got in to previous OS revisions anyway, like broadcasting MAC addresses in email, and various gaffs with Apache and Safari.
I think a bit of humble pie wouldn't hurt Apple, what they really need now is a major security blunder.
Personally I can't really see it's worth bothering with 10.3.9 anyway as Tiger is just round the corner (probably more crippled than ever)