|
|
Not a security issue, but I found a bug
From what I see, it doesn't look like a security issue, but I did find a weird bug. Does anyone else seem to get it?
Not a security issue, but I found a bug
Wouldn't it be faster enter your admin username and password in the other user's screensaver login box, and then quit all of his/her applications? I don't see the difference.
Not a security issue, but I found a bug
oh! I didn't know that was possible. I guess I went the long way round.
Not a security issue, but I found a bug
There's a far, far easier way to do this.
Granted, this is more complex in that it requires having a second computer to log into the target machine (though it doesn't have to be a Mac ) and it depends on the target machine having ssh access (though that's probably not an unreasonable assumption). But otherwise, this seems like a more straightforward variant of the same attack. Note also that this attack probably works on Linux & other *nix systems as well -- anywhere multiuser system where the locked screensaver is likely to show up as an identifiable running process and admin level users can manipulate those currently running processes. It's debatable whether or not it counts as a vulnerability though so much as an example of one of the innumerable unpleasant things that can be done with full administrative access to someone's computer, and an object lesson in why it's a good idea to give out admin access carefully. --- |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.12 seconds |
|