[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Files created with emacs are owned by system
|
From: |
Peter Dyballa |
|
Subject: |
Re: Files created with emacs are owned by system |
|
Date: |
Fri, 1 Aug 2008 22:55:17 +0200 |
Am 01.08.2008 um 21:17 schrieb David Kastrup:
This Apple Emacs is -nw only. Since half a decade 21.2.
Emacs 21.2 can't be compressed into 30008 bytes. No fscking way. The
most likely explanation is that this machine has been hacked, emacs
(and
likely other binaries) replaced by a propagating virus that does its
damage code, then fetches and executes the original command from
somewhere else.
My Mac isn't hacked and it wasn't hacked before. Proof: running Disk
Utility (or the corresponding command line utility, i.e., diskutil
verifyPermissions <device>) to check integrity of the installation.
OK, if the receipt files of the installed packages have been
substituted, then it won't fail on a hacked system. Anyone willing to
crack my root password?
Now, here is the dull reality:
pete 265 /\ ls -l /usr/bin/emacs
-r-xr-xr-x 1 root wheel 13964 20 Feb 23:31 /usr/bin/emacs
pete 266 /\ file /usr/bin/emacs
/usr/bin/emacs: Mach-O executable ppc
pete 267 /\ otool -L /usr/bin/emacs
/usr/bin/emacs:
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0,
current version 88.1.11)
Otool -L works like ldd in linux.
pete 268 /\ uname -a
Darwin localhost 8.11.0 Darwin Kernel Version 8.11.0: Wed Oct 10
18:26:00 PDT 2007; root:xnu-792.24.17~1/RELEASE_PPC Power Macintosh
powerpc
Just received, as description of Security Update 2008-005's contents:
Disk Utility
CVE-ID: CVE-2008-2324
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: A local user may obtain system privileges
Description: The "Repair Permissions" tool in Disk Utility makes
/usr/bin/emacs setuid. After the Repair Permissions tool has been
run, a local user may use emacs to run commands with system
privileges. This update addresses the issue by correcting the
permissions applied to emacs in the Repair Permissions tool. This
issue does not affect systems running Mac OS X v10.5 and later.
--
Mit friedvollen Grüßen
Pete
Klingons do not believe in indentation - except perhaps in the skulls
of their project managers.
- Re: Files created with emacs are owned by system, (continued)
- Re: Files created with emacs are owned by system, Joost Kremers, 2008/08/01
- Re: Files created with emacs are owned by system, iainb . forms, 2008/08/01
- Re: Files created with emacs are owned by system, Joost Kremers, 2008/08/01
- Re: Files created with emacs are owned by system, iainb . forms, 2008/08/01
- Re: Files created with emacs are owned by system, Peter Dyballa, 2008/08/01
- Re: Files created with emacs are owned by system, Thierry Volpiatto, 2008/08/01
- Re: Files created with emacs are owned by system, Peter Dyballa, 2008/08/01
- Re: Files created with emacs are owned by system, Joost Kremers, 2008/08/01
- Re: Files created with emacs are owned by system, Peter Dyballa, 2008/08/01
- Message not available
- Re: Files created with emacs are owned by system, David Kastrup, 2008/08/01
- Re: Files created with emacs are owned by system,
Peter Dyballa <=
- Re: Files created with emacs are owned by system, iainb . forms, 2008/08/02
- Re: Files created with emacs are owned by system, Mark Hood, 2008/08/06
- Message not available
- Re: Files created with emacs are owned by system, Joost Kremers, 2008/08/01
- Re: Files created with emacs are owned by system, Tim X, 2008/08/01
- Message not available
- Re: Files created with emacs are owned by system, D. Power, 2008/08/02
- Re: Files created with emacs are owned by system, Peter Dyballa, 2008/08/01
- Re: Files created with emacs are owned by system, Tim X, 2008/08/01
- Re: Files created with emacs are owned by system, Tim X, 2008/08/01
- Message not available
- Re: Files created with emacs are owned by system, iainb . forms, 2008/08/01
- Re: Files created with emacs are owned by system, Joost Kremers, 2008/08/01