Reply to post: Re: A simple temporary fix or am I missing something here?

Get root on an OS X 10.10 Mac: The exploit is so trivial it fits in a tweet

Synonymous Howard

Re: A simple temporary fix or am I missing something here?

Indeed .. however until a permanent fix becomes available a little whack-a-mole remediation might be advisable to those of us who have Mac users to protect.

The password file and master password file could be set to immutable without any issue as well as they are not modified in normal use (and only used in single user mode).

So I'm now running with ...

chflags -vv schg /private/etc/ /bin/ /sbin/ /usr/bin/ /usr/sbin/ /opt/X11/bin/ /usr/lib/

for the time being. (will need to undo [noschg] that before patching though)

FOOTNOTE: if you mention 'slash etc slash passwd' in a message the posting gets auto blocked 8-)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019