APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Mac OS X 'rootpipe' is not a backdoor

© April 2015 Anthony Lawrence

The news is full of stories like this Failed Apple Rootpipe Fix Leaves Backdoor On All Macs, Researchers Claim. Forbes (and many others) call it a "significant flaw", ZDNet calls it "serious". It was supposed to be fixed in the last patch cycle, but apparently it wasn't.

Yes, Apple deserves shame and humiliation, but seriously: for most of us, it's not a concern. First, if you don't run as an admin account as I've suggested at Patch fixes sudo escalation flaw, you aren't vulnerable.

More importantly, this isn't a "back door" through which someone can enter your Mac. This requires someone to login as a user first and then to have the combination to the safe tatooed on that user's forehead. The user needs to have admin privilege as noted above; without it this flaw doesn't help them.

It's unimportant to most of us. I might worry if I had employees, but sitting here behind two firewalls on a machine with only one admin account that I do not use, I do not.

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> Mac OS X 'rootpipe' is not a backdoor

Inexpensive and informative Apple related e-books:

Take Control of Apple Mail, Third Edition

Take Control of iCloud

Take Control of IOS 11

Take Control of Automating Your Mac

Take Control of Numbers

More Articles by © Anthony Lawrence

Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

Printer Friendly Version

Tough times never last, but tough people do. (Robert H. Schuller)

Linux posts

Troubleshooting posts

This post tagged:


Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode