My vote goes to "Disclosure" with Michael Douglas and Dennis Miller. Though not strictly software developers, they were engineers (working on CD-ROM drives, IIRC), and they actually seemed to work like engineers. (It was based on a Crieghton novel.) (Besides, Douglas' character lived on Bainbridge Island and rode the ferry to work every day. Ah yes, mad dash at 07:09:59 to make the 7:10 sailing, sip the latte on the boat on the way over, short hike to the office, cut schema all day, out at a reasonable hour to catch the boat back, Fosters on the ferry on the way home. Very realistic. How I miss that.)
Not the only local exploit
on
Linux Kernel Bugs
·
· Score: 2, Informative
This article appeared on stepwise.com, a site devoted to Mac OS X (so yes, Macs *are* vulnerable!")
http://www.stepwise.com/Articles/Admin/2001-10-15. 01.html
[posted 18-Oct-01]
>>
Mac OS X 10.1 Local Security Exploit
A serious security exploit has been found in Mac OS X 10.1 (in fact, as it turns out, it has been present in 10.0.x versions as well). Using this exploit any user at the Desktop can gain root access to the machine.
The problem is caused by applications that are set-uid root (that is, regardless of the user that runs them, they have root permissions). Normally these programs have a limited scope of functionality so that damage is minimized. However, it appears that any items launched from the Apple->Recent Items menu inherit the root user privileges. Additionally, any other apps in the Apple menu (i.e. System Preferences) can be launched as root using this hole.
This can be demonstrated using the following technique:
[See URL above for more details]
So obviously, Linux isn't the only one that has these kinds of problems. And to that thread commenting about Mac OS not having problems like this -- yes, that might be true for Classic Mac OS, but its obviously not true for the current OS
Every OS that I've used in the past couple of decades has had some kind of "local security exploit". That's just the way it is.
Later,
--Gregory
Slashdot Mirror
My vote goes to "Disclosure" with Michael Douglas and Dennis Miller. Though not strictly software developers, they were engineers (working on CD-ROM drives, IIRC), and they actually seemed to work like engineers. (It was based on a Crieghton novel.) (Besides, Douglas' character lived on Bainbridge Island and rode the ferry to work every day. Ah yes, mad dash at 07:09:59 to make the 7:10 sailing, sip the latte on the boat on the way over, short hike to the office, cut schema all day, out at a reasonable hour to catch the boat back, Fosters on the ferry on the way home. Very realistic. How I miss that.)
This article appeared on stepwise.com, a site devoted to Mac OS X (so yes, Macs *are* vulnerable!") http://www.stepwise.com/Articles/Admin/2001-10-15. 01.html
[posted 18-Oct-01]
>>
Mac OS X 10.1 Local Security Exploit
A serious security exploit has been found in Mac OS X 10.1 (in fact, as it turns out, it has been present in 10.0.x versions as well). Using this exploit any user at the Desktop can gain root access to the machine.
The problem is caused by applications that are set-uid root (that is, regardless of the user that runs them, they have root permissions). Normally these programs have a limited scope of functionality so that damage is minimized. However, it appears that any items launched from the Apple->Recent Items menu inherit the root user privileges. Additionally, any other apps in the Apple menu (i.e. System Preferences) can be launched as root using this hole.
This can be demonstrated using the following technique:
[See URL above for more details]
So obviously, Linux isn't the only one that has these kinds of problems. And to that thread commenting about Mac OS not having problems like this -- yes, that might be true for Classic Mac OS, but its obviously not true for the current OS
Every OS that I've used in the past couple of decades has had some kind of "local security exploit". That's just the way it is.
Later,
--Gregory