That's really interesting -- it goes to show just how limited my knowledge is, since I thought that the whole system of leaving root disabled was top-notch.

Also, the author mentioned "privilege escalation." I've heard that there have been escalation security holes in OSX before. Does anyone know how these work?

(BTW, I'm not asking for a hacking tutorial here in a public forum. But rather an explanation of how such an attack works. :) )
 
idea_hamster said:
Also, the author mentioned "privilege escalation." I've heard that there have been escalation security holes in OSX before. Does anyone know how these work?
Privilege escalation techniques can work in a number of ways.

Using or fooling some launcher daemon into running some code for you with higher privileges than the user you're logged in as is one method. For instance, registering a program with 'at' on Windows will make the program start with system level privileges.

Sometimes a system procedure has race conditions that can be exploited. For instance, a system request may at some point open a pipe or other insecure method of communicating with another process. Sometimes it is possible to grab that pipe before the communication is established properly and use that to do something with higher privileges than usual.

Buffer overflows or other low-level vulnerabilities in system utility programs can sometimes also be exploited to elevate privileges.

Privilege escalation vulnerabilities are so common that every OS out there has several new vulnerabilities of this kind discovered every year.
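
An added example, not code from this thread: the defensive side of the pipe race described in the post above, showing how a privileged process can create a named pipe in a directory only it can write to and then verify the object it actually opened instead of trusting the path. The function names, the `/tmp/fifo-demo-XXXXXX` template and the `ctl` file name are assumptions made for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* exposes mkdtemp, O_NOFOLLOW, O_CLOEXEC on glibc */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* 0 if fd is a FIFO owned by our effective user with no group/other bits,
 * -1 otherwise. fstat() inspects the opened object, not the path, so nothing
 * can be swapped in between the check and the use. */
int fifo_is_trusted(int fd) {
    struct stat st;
    if (fstat(fd, &st) != 0) return -1;
    if (!S_ISFIFO(st.st_mode)) return -1;             /* not a pipe at all */
    if (st.st_uid != geteuid()) return -1;            /* created by someone else */
    if (st.st_mode & (S_IRWXG | S_IRWXO)) return -1;  /* reachable by other users */
    return 0;
}

/* Open the read end without following a symlink, then verify what we got. */
int open_checked(const char *path) {
    int fd = open(path, O_RDONLY | O_NONBLOCK | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    if (fifo_is_trusted(fd) != 0) { close(fd); return -1; }
    return fd;
}

/* Create the FIFO inside a fresh mode-0700 directory (mkdtemp), so no other
 * user can pre-create or replace the name; mkfifo fails if the name exists. */
int open_private_fifo(char *dir_template, char *path, size_t path_len) {
    if (mkdtemp(dir_template) == NULL) return -1;
    if (snprintf(path, path_len, "%s/ctl", dir_template) >= (int)path_len) return -1;
    if (mkfifo(path, 0600) != 0) return -1;
    return open_checked(path);
}

int main(void) {
    char dir[] = "/tmp/fifo-demo-XXXXXX";   /* constructed sample location */
    char path[64] = "";
    int fd = open_private_fifo(dir, path, sizeof path);
    printf("%s -> %s\n", path, fd >= 0 ? "opened and verified" : "rejected");
    if (fd >= 0) { close(fd); unlink(path); rmdir(dir); }
    return fd >= 0 ? 0 : 1;
}
```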
 
if one goes this route - would you still be able to update the os, install / run apps without a hitch?

thanks
 
thestaton said:
if one goes this route - would you still be able to update the os, install / run apps without a hitch?

thanks

I don't see why not - as long as you're in the admin group or you have the username & password of a user in that group.

(Then again, I haven't tried out these tips yet either!)
 
gekko513 said:
Privilege escalation techniques can work in a number of ways.
[snip]
Privilege escalation vulnerabilities are so common that every OS out there has several new vulnerabilities of this kind discovered every year.
Wow. That's kind of amazing in a cool/terrifying way.

I guess this means that to think I'm safe, I have to (i) password protect my screensaver, (ii) log out more than I do, (iii) get rid of that convenient "Guest" account that I set up with "controls" on what the guest can do, and (iv) really keep an eye on who sits at the keyboard.

At least I don't have to worry all that much about remote no-account arbitrary code execution. Or do I?? :eek:
 