Reply to post: A simple temporary fix or am I missing something here?

Get root on an OS X 10.10 Mac: The exploit is so trivial it fits in a tweet

Synonymous Howard

A simple temporary fix or am I missing something here?

But is a simple remediation just setting the /etc/sudoers file to be immutable?

bash-3.2# chflags -vv schg /etc/sudoers

/etc/sudoers: 00 -> 0400000

$ echo 'echo "$(whoami) ALL=(ALL) NOPASSWD:ALL" >&3' | DYLD_PRINT_TO_FILE=/etc/sudoers newgrp

dyld: could not open DYLD_PRINT_TO_FILE='/etc/sudoers', errno=1

bash: line 1: 3: Bad file descriptor

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019