# # Mac OS X 'rootpipe' is not a backdoor
APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Mac OS X 'rootpipe' is not a backdoor

I've removed advertising from most of this site and will eventually clean up the few pages where it remains.

While not terribly expensive to maintain, this does cost me something. If I don't get enough donations to cover that expense, I will be shutting the site down in early 2020.

If you found something useful today, please consider a small donation.



Some material is very old and may be incorrect today

© April 2015 Anthony Lawrence

The news is full of stories like this Failed Apple Rootpipe Fix Leaves Backdoor On All Macs, Researchers Claim. Forbes (and many others) call it a "significant flaw", ZDNet calls it "serious". It was supposed to be fixed in the last patch cycle, but apparently it wasn't.

Yes, Apple deserves shame and humiliation, but seriously: for most of us, it's not a concern. First, if you don't run as an admin account as I've suggested at Patch fixes sudo escalation flaw, you aren't vulnerable.

More importantly, this isn't a "back door" through which someone can enter your Mac. This requires someone to login as a user first and then to have the combination to the safe tatooed on that user's forehead. The user needs to have admin privilege as noted above; without it this flaw doesn't help them.

It's unimportant to most of us. I might worry if I had employees, but sitting here behind two firewalls on a machine with only one admin account that I do not use, I do not.


If you found something useful today, please consider a small donation.



Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

->
-> Mac OS X 'rootpipe' is not a backdoor


Inexpensive and informative Apple related e-books:

Take Control of Apple Mail, Third Edition

Take Control of iCloud

Take Control of IOS 11

Take Control of Automating Your Mac

Take Control of Numbers





More Articles by © Anthony Lawrence





Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us


Printer Friendly Version





Tough times never last, but tough people do. (Robert H. Schuller)




Linux posts

Troubleshooting posts


This post tagged:

Security



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode