[22887] in bugtraq
Re: Mac OS X setuid root security hole
daemon@ATHENA.MIT.EDU (Ken Schweigert)
Wed Oct 17 19:56:35 2001
Date: Wed, 17 Oct 2001 16:16:50 -0400
From: Ken Schweigert <ken@byte-productions.com>
To: rotaiv <rotaiv@biapo.com>
Cc: bugtraq@securityfocus.com
Message-ID: <20011017161650.H767@byte-productions.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5.1.0.14.2.20011017124659.02820020@mail.biapo.com>; from rotaiv@biapo.com on Wed, Oct 17, 2001 at 12:53:13PM -0400
Just verified these steps against OSX Server 10.0.4.
--
-Ken Schweigert, Aspiring Network Administrator
Byte Productions, LLC
On Wed, Oct 17, 2001 at 12:53:13PM -0400, rotaiv wrote:
> I can't recall if I have seen this on BugTraq so forgive me if this is an
> old issue.
>
> Try these steps on an OS X machine (not logged in as root)
>
> - Open up the terminal application
> - Quit the terminal application
> - Open up NetInfo Manager (leave it in the foreground)
> - Open up the Terminal application form the "Recent Items" list in the
> Apple Menu.
>
> You should now be logged in as root!
>
> This was passed on to me from the "Macsec mailing list"
> http://www.macsecurity.org/mailman/listinfo/macsec
