APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Patch fixes sudo escalation flaw


© May 2019 Anthony Lawrence

This article, "All Mac owners should migrate to OS X Yosemite 10.10.3 ASAP", caught my eye. It reports a four-year-old security hole that lets a local user gain root privilege very easily. That's a serious flaw and you definitely should upgrade ASAP. However, in reading "Hidden backdoor API to root privileges in Apple OS X", it looks like this does require a local user with sudo privilege.

I've long recommended that you NOT run that way. All accounts on my Macs that we use daily are non-administrative accounts. The idea is just additional safety and the inconvenience factor is quite low. For the most part, all that changes is that you actually have to type an administrator name and the password when challenged. For the very few cases where I need sudo access, I either use fast user switching or just open Terminal, su to the administrative user and then issue my sudo command.

In theory, you can do the same thing on Windows, but it's much more annoying. A friend who tried this reported that he needed to authenticate every time he awoke from hibernation to approve "manage.exe" and "com.exe". He also reported that Java updates could not be installed at all.
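To check a Mac against the non-administrative-account recommendation above, this added example (not part of the original post) lists the members of the `admin` group, which the default macOS sudoers file grants sudo rights, and flags any daily-use account among them. The account names `sysadmin`, `tony` and `linda` and the sample `dscl` output are constructed assumptions.

```shell
#!/bin/sh
# Added example: list the accounts in the macOS "admin" group and flag the
# ones that are meant for daily use. Sample data below is constructed.

# Read `dscl . -read /Groups/admin GroupMembership` output on stdin
# ("GroupMembership: root alice ...") and print one member per line, minus root.
admin_members() {
    awk '/^GroupMembership:/ { for (i = 2; i <= NF; i++) if ($i != "root") print $i }'
}

# flag_daily_admins "<dscl output>" user1 user2 ...
# Prints each named daily-use account that is in the admin group.
# Returns 1 if any was found, 0 if all daily accounts are non-administrative.
flag_daily_admins() {
    members=$(printf '%s\n' "$1" | admin_members)
    shift
    found=0
    for user in "$@"; do
        # -x -F: whole-line, literal match, so "tony" never matches "tony2"
        if printf '%s\n' "$members" | grep -qxF -- "$user"; then
            echo "$user"
            found=1
        fi
    done
    return "$found"
}

# Constructed sample: "sysadmin" is the dedicated administrative account,
# "tony" and "linda" are hypothetical daily-use accounts.
SAMPLE='GroupMembership: root sysadmin linda'

if [ "$(uname -s)" = "Darwin" ]; then
    data=$(dscl . -read /Groups/admin GroupMembership)
else
    data=$SAMPLE   # not on a Mac: fall back to the constructed sample
fi

if exposed=$(flag_daily_admins "$data" tony linda); then
    echo "OK: no daily-use account has admin (sudo) rights"
else
    echo "Daily-use accounts with admin rights: $exposed"
fi
```

Replace `tony linda` in the last call with the short names of the accounts you log in with every day.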

