Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 19th September 2011
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,597
Default Mac OS X Lion makes it unnecessarily easy for password crackers

From http://h-online.com/-1345608

Security specialist Patrick Dunstan reports that Mac OS X 10.7 "Lion" allows standard non-root users to access other users' password hashes. Under Mac OS X, users' password hashes are stored in shadow files that can usually only be accessed by root users. Dunstan said that, with Lion, Apple changed the authentication procedure and introduced a flaw that allows non-root users to read the password hashes from the shadow files via the directory services.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mac OS X Lion fails to check passwords when authenticating via LDAP J65nko News 0 23rd August 2011 07:20 PM
Misc. BSD/UNIX Inside Mac OS X 10.7 Lion Server: Apple replaces Samba for Windows networking service J65nko News 0 24th March 2011 08:06 PM
NetBSD Testing NetBSD: Easy Does It Android1 News 0 28th June 2010 11:39 AM
What makes a perfect newbie? jggimi Feedback and Suggestions 32 19th October 2008 02:58 AM
What makes a perfect seasoned member? ai-danno Feedback and Suggestions 7 22nd July 2008 12:54 AM

All times are GMT. The time now is 06:27 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick