Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'Two ways to possibly close an ARDAgent security hole' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Two ways to possibly close an ARDAgent security hole
Authored by: leono on Jun 20, '08 08:40:49AM

The first possible fix (turning on Remote Management) doesn't work for me, at least not consistently. I'm using 10.5.3. The first time I enabled Remote Management, I'd get:

Nooch:~ leon$ osascript -e 'tell app "ARDAgent" to do shell script "whoami"';
23:47: execution error: ARDAgent got an error: "whoami" doesn't understand the do shell script message. (-1708)

Indicating that the problem was mitigated. I then disabled Remote Management, and got the same message. So I found and killed a running ARDAgent process, then the exploit worked again. I re-enabled Remote Management, and the exploit continued to work, so I wouldn't trust this fix to solve the problem.

[ Reply to This | # ]