Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ancient Flaws May Leave Mac OS X Vulnerable

Posted by Zonk on from the patch-to-the-left-patch-to-the-right dept.

mdeb writes "ZDNet Australia is running a story that claims Mac OS X 'contains unpatched security flaws of a type that were fixed on alternative operating systems more than a decade ago.' As an example, in August of last year, Apple patched the 'dsidentity' bug, which could easily have been exploited to grant a non-privileged user with admin rights the capability to create and remove 'root' user accounts."

5 of 388 comments (clear)

  1. In one minuets... by AndyG314 · · Score: 0, Flamebait

    some mac-o-phile will be on here saying how it doesn't matter and mac os X is uber secure.

    --
    If it's dead, you killed it.
  2. Whaaaat? by sn0wflake · · Score: 0, Flamebait

    Errors in OSX? Impossible. This is the perfect OS, FOSS and stuff. Must be a Microsoft developer involved.
    Mod me down, I really don't give a shit.

  3. slashdot is like nslookup by Anonymous Coward · · Score: 0, Flamebait

    depricated and replaced by dig(g)

  4. Re:Stop the Presses by Anonymous Coward · · Score: 0, Flamebait

    and exactly what are your suggestions for fixing the bugs and exploits for OSX? Antivirus protection hasn't helped windows, neither has patch tuesdays. how about Linux, ever read the lists? local root exploits have been a dime a dozen and updates haven't always come from the vendors in a timely manner.

    yeah, I think I'll not have any nightmares tonight about a local exploit. at worst, OSX will only become what Windows already is... in the meantime, I think I'll enjoy you guys pointing out that we're in for a big shock. the really shock is that a local exploit on OSX gets this much press, while remote exploits on Windows get a patch three months late.

  5. Re:The "only" reason Max OS is safe? by nathanh · · Score: 1, Flamebait
    This kind of invalidates your entire argument.

    Only in your bizarro world where OS X is perfect and critics are always wrong.

    I would certainly trust students, learning as they go to create trustworthy computing software, much more than Microsoft, whose only goal seems to be market domination, not any kind of user satisfaction or security!

    I would trust a retarded chimpanzee with Alzheimer's more than I would trust Microsoft, but that's not exactly saying much. Setting yourself "Microsoft" as the golden standard is kind of pointless.

    As for why I (*shudder*) at the thought that students are responsible for some of the code in BSD (and also Linux, I shudder at that too), I have seen the code that students write. I've seen this come out of a student's garbled mind (written in C)...

    system("ping 127.0.0.1")

    If you're defending that, you're not the sort of person whose opinion I value.