Re: [Full-disclosure] Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability
From: Brian K. (codesamurai_at_mac.com)
Date: Thu, 19 May 2005 11:07:43 -0400 To: firstname.lastname@example.org
> The issue is *any* application shouldn't have the ability to gain
> administrative control (by waiting for sudo [intended for something
> else] to be done).
Self correction/elaboration note: Sorry, that was a tad terse to the
point of being incomplete. It was intended to be framed in the
context of what was already discussed in this thread. (i.e.
something else doing the sudo intended for its own purposes, etc.,
all of which everyone is already well aware of.)
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/