At 12:53 PM -0400 10/17/01, rotaiv wrote:
>I can't recall if I have seen this on BugTraq so forgive me if this
>is an old issue.
>
>Try these steps on an OS X machine (not logged in as root)
>
> - Open up the terminal application
> - Quit the terminal application
> - Open up NetInfo Manager (leave it in the foreground)
> - Open up the Terminal application from the "Recent Items" list in
>the Apple Menu.

You can slightly reduce the risk by going to Recent Items, clearing the list, and then editing (with your favorite text editor) ~/Library/Preferences/com.apple.recentitems.plist. Change the values for maxapp and macdoc to 0. (The UI lets you change the values to a present list, but 0 isn't one of the options.) That won't stop someone from going to the preferences and turning it back on again (you can't lock General preferences), but it at least means any bypass requires more time.

That said, Recent Items is not the sole problem. The Services menu also launches applications with the permissions of the application that currently owns the menubar. You can easily use this to bring up a text editor running as root.

-- 
Kee Hinckley - Somewhere.Com, LLC
http://consulting.somewhere.com/
nazgul@somewhere.com (or ...!alice!nazgul for time travelers :-)

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.