Re: [Full-disclosure] Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability

From: Brian K. (codesamurai_at_mac.com)
Date: 05/19/05

  • Next message: Richards, Jim: "RE: [Active Spam - GGL Filter] [Full-disclosure] AW: Security iss ue in Microsoft Outlook"
    Date: Thu, 19 May 2005 11:07:43 -0400
    To: full-disclosure@lists.grok.org.uk
    
    

    > The issue is *any* application shouldn't have the ability to gain
    > administrative control (by waiting for sudo [intended for something
    > else] to be done).

    Self correction/elaboration note: Sorry, that was a tad terse to the
    point of being incomplete. It was intended to be framed in the
    context of what was already discussed in this thread. (i.e.
    something else doing the sudo intended for its own purposes, etc.,
    all of which everyone is already well aware of.)
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/


  • Next message: Richards, Jim: "RE: [Active Spam - GGL Filter] [Full-disclosure] AW: Security iss ue in Microsoft Outlook"