Reply to post:

Get root on an OS X 10.10 Mac: The exploit is so trivial it fits in a tweet

Anonymous Coward
Anonymous Coward

...that doesn't escalate privileges. That uses the priviliges of the user that creates the task.

But if you give another user the privilige of running a scheduled task under your username and password, (what I'll call "the unix way") then at the very least you should also protect the task so that it can't be changed by the end user.

And if you want to do that, restricting the permissions required to alter a specific schedule is trivial iwth the Windows authentication model.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019