Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If I understood the article correctly, this can be exploited remotely by anybody who has managed to get a shell on the system.


It's even worse than it seems if you talk about it as 'anybody'.

Most OSX boxes are probably single user devices. But you do not normally run as root/wheel, you need sudo (sometimes through a nice GUI) for software to get root privs.

It's not 'somebody' as if another person were logged into their own account. It's that malware running as you can now get root, to further compromise your system, without needing a sudo password.


Just to clarify, this is _not_ a remote vulnerability. If it was a means to create a remote shell, then it would be. An attacker would need to first find some way to gain remote access and then could use this bug to gain root privilege.


The parent comment and some of the child comments are implying you need to be physically near the system, which doesn't seem to be true.

You still need to find a way to execute code on the target system (also called "getting a shell"), but this can be done over the wire, too.


That's how all local exploits work.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: