[21281] in bugtraq


Re: MacOSX 10.0.X Permissions uncorrectly set

daemon@ATHENA.MIT.EDU (Ethan Benson)
Mon Jul 2 04:22:17 2001

Date: Fri, 29 Jun 2001 14:41:15 -0800
From: Ethan Benson <erbenson@alaska.net>
To: bugtraq@securityfocus.com
Message-ID: <20010629144115.F7618@plato.local.lan>
In-Reply-To: <Pine.LNX.4.21.0106292202500.455-100000@heatseeker>; from anarchie@metaverse.org on Fri, Jun 29, 2001 at 10:14:23PM +1000


On Fri, Jun 29, 2001 at 10:14:23PM +1000, Peter Tonoli wrote:
> I've just looked into the root of a machine we have here. Not an upgrade
> from OS 9. Started with install off the release cd, and now 10.0.4 is
> installed. Seems the following have write access by any user, by default.
>
> drwxrwxrwx  21 root    wheel        670 Jun 19 10:06 Applications (Mac OS 9)
> -rwxrwxrwx   1 root    wheel     942080 Jun 26 11:03 Desktop DB
> -rwxrwxrwx   1 root    wheel    2831842 Jun 26 09:17 Desktop DF
> drwxrwxrwx   3 root    staff         58 Jun 29 21:51 Desktop Folder
> drwxrwxrwx  11 root    wheel        330 May 29 10:33 Documents
> -rwxrwxrwx   1 root    wheel          0 May 30 13:33 Late Breaking News
> drwxrwxrwx  49 root    wheel       1622 Jun 28 14:29 System Folder
> drwxrwxrwx   3 xxxxxx  admin        264 Jun 28 14:40 Temporary Items
> drwxrwxrwx   2 root    wheel        264 May 28 12:30 TheFindByContentFolder
> drwxrwxrwx   4 root    wheel        264 May  7 10:12 TheVolumeSettingsFolder
> drwxrwxrwx   2 root    wheel        264 Jun 28 14:29 Trash
> -rwxrwxrwx   1 root    wheel  547356672 Jun 28 14:26 VM Storage

All files and directories created by MacOS will have 0777 permissions
on the OSX side.

> xxxxx is currently logged in. "VM Storage" is an interesting one. Running
> strings on it gets about 500 outputs of "ISP_Guard_Page", so I assume
> there's some sort of protection scheme happening there. I don't see what's
> stopping trojans being installed in Applications, considering it's
> writable to all and sundry.

The VM Storage file is the MacOS (not OSX) swapfile; I think everyone
knows the implications of world readable (much less writable) swap files.

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
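
The two conditions raised in this thread (world-writable entries at the volume root, and a swap file readable by other users) can be checked with a short shell audit. This is an added example, not part of the original message; the function name audit_volume_root and the finding tags are made up here, and the swap file name is the one from the quoted listing.

```shell
#!/bin/sh
# Added example: audit the top level of a volume for the permission
# problems discussed in the thread. Names and tags are hypothetical.

# Swap file name as it appears in the quoted listing.
SWAP_NAME="VM Storage"

# Prints one line per finding, "<tag><TAB><path>":
#   WW-DIR   world-writable directory without the sticky bit, so any
#            user can add, rename or replace entries inside it
#   WW-FILE  world-writable regular file
#   SWAP-R   swap file readable by "other"
# Only the top level is inspected, matching the listing in the post.
audit_volume_root() {
    root=$1

    # A sticky directory (mode 1777, like /tmp) is deliberately skipped:
    # users there can only remove entries they own.
    find "$root" -mindepth 1 -maxdepth 1 -type d \
        -perm -0002 ! -perm -1000 \
        -exec printf 'WW-DIR\t%s\n' {} \;

    find "$root" -mindepth 1 -maxdepth 1 -type f \
        -perm -0002 \
        -exec printf 'WW-FILE\t%s\n' {} \;

    # Swap contents are a copy of process memory, so read access by
    # "other" is reported even when the file is not writable.
    find "$root" -mindepth 1 -maxdepth 1 -type f -name "$SWAP_NAME" \
        -perm -0004 \
        -exec printf 'SWAP-R\t%s\n' {} \;
}

# Usage: sh audit.sh /path/to/volume
if [ "$#" -gt 0 ]; then
    audit_volume_root "$1"
fi
```

A file that is both world-writable and the swap file is reported twice, once under each tag, since the two findings call for separate fixes.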

