APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Patch fixes sudo escalation flaw

This All Mac owners should migrate to OS X Yosemite 10.10.3 ASAP caught my eye. It reports a four year old security hole that lets a local user gain root privilege very easily. That's a serious flaw and you definitely should upgrade asap. However, in reading Hidden backdoor API to root privileges in Apple OS X, it looks like this does require a local user with sudo privilege.

I've long recommended that you NOT run that way. All accounts on my Macs that we use daily are non-administrative accounts. The idea is just additional safety and the inconvenience factor is quite low. For the most part, all that changes is that you actually have to type an administrator name and the password when challenged. For the very few cases where I need sudo access, I either use fast user switching or just open Terminal, su to the administrative user and then issue my sudo command.

In theory, you can do the same thing on Windows, but it's much more annoying. A friend who tried this reported that he needed to authenticate every time he awake from hibernation to approve "manage.exe" and "com.exe". He also reported that Java updates could not be installed at all.

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> Get that Yosemite 10.10.3 update NOW - Patch fixes sudo escalation flaw

Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Anthony Lawrence

Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us