Quote:
Originally Posted by kermitology
But what's funny about this is that it's preying on people who don't understand the permission systems of OS X and those who have been trained that computers must always have virus protection.
Not being a fanboy, just making a comment.
OK, it's time to put this myth to rest - people who keep talking about permissions and how the Mac is different because users aren't root, etc., either haven't been told, or aren't telling the whole story.
Look up setuid on Wikipedia - these are binaries on Unix-based systems that run with the permissions of the file owner. It's a mechanism Unix systems use to allow non-privileged users to run privileged applications via root or another elevated account. Your Mac has several setuid applications, including third-party ones like Dropbox.
Last week, an exploit for Skype came out that allowed anyone to run an arbitrary command as your user account...this naturally includes setuid binaries.
So, if you found a buffer overflow in a setuid application, and could remotely trigger it in the security context of the non-privileged account being used at the time, you could very well, if not infect a machine, cause extensive damage.
Pwn2Own demonstrates every year that getting Safari to do your bidding remotely is trivially easy. The Skype vulnerability mentioned above was terrifying in this regard too. And I'm telling you right now that there are ways to elevate privilege levels from non-privileged accounts.
Still feel safe, Mac users? You shouldn't.
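
As an added illustration (not part of the original post), here is one way to inventory the setuid/setgid binaries the post refers to and flag the ones that deserve review. The function names, flag labels, baseline set and the temporary sample tree are all constructed for this example.

```python
import os
import stat
import tempfile

def audit_setuid(root, baseline=frozenset()):
    """Return one record per setuid/setgid regular file under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: never follow symlinks
            except OSError:
                continue                     # vanished or unreadable entry
            if not stat.S_ISREG(st.st_mode):
                continue
            if not st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                continue
            flags = []
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                flags.append("writable-by-non-owner")   # replaceable binary
            if path not in baseline:
                flags.append("not-in-baseline")         # new since last review
            findings.append({
                "path": path,
                "mode": oct(stat.S_IMODE(st.st_mode)),
                "owner_uid": st.st_uid,
                "setuid": bool(st.st_mode & stat.S_ISUID),
                "setgid": bool(st.st_mode & stat.S_ISGID),
                "flags": flags,
            })
    return sorted(findings, key=lambda f: f["path"])

def build_sample_tree():
    """Constructed sample: three files in a temp dir, two with setuid set."""
    root = tempfile.mkdtemp(prefix="suid-audit-")
    for name, mode in (("plain", 0o755), ("helper", 0o4755), ("loose", 0o4775)):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(path, mode)                 # set mode after writing
    return root

if __name__ == "__main__":
    root = build_sample_tree()
    known = {os.path.join(root, "helper")}   # constructed baseline
    for f in audit_setuid(root, known):
        print(f["mode"], f["owner_uid"], f["path"], ",".join(f["flags"]) or "ok")
```

On a real machine, point `audit_setuid` at a system directory and pass a baseline saved from a known-good state, so that newly installed setuid programs stand out.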