BLU Discuss list archive
[Discuss] OSX Mavericks root exploit, and Safari
- Subject: [Discuss] OSX Mavericks root exploit, and Safari
- From: bogstad at pobox.com (Bill Bogstad)
- Date: Fri, 17 Apr 2015 21:14:31 +0200
- In-reply-to: <55314D55.5080702@gmail.com>
- References: <BY1PR0401MB164105D69C780D97CCE5F051DCE30@BY1PR0401MB1641.namprd04.prod.outlook.com> <55314D55.5080702@gmail.com>
On Fri, Apr 17, 2015 at 8:13 PM, Richard Pieri <richard.pieri at gmail.com> wrote:
> On 4/17/2015 9:26 AM, Edward Ned Harvey (blu) wrote:
>>
>> I'd like to alert people that OSX Mavericks has a root exploit that
>> will not be fixed. All Mac users must immediately update to Yosemite
>> in order to maintain any semblance of security.
>
> Cutting through the hyperbole....
>
> It's a local privilege escalation vulnerability nicknamed rootpipe. It can
> be mitigated by doing one thing: don't run as an administrator account.
> Standard user accounts cannot be used to exploit this vulnerability.

From the Ars Technica article linked from the original email:

"... The researcher continued to experiment with the flaw until he found a way to elevate privileges even from standard OS X accounts, which give users considerably less control. To Kvarnhammar's amazement, he was able to expand the attack by sending a what's known as a "nil" to the OS X mechanism that performs the elevation authorization. A nil is a zero-like value in the Objective C programming language that represents a non-existent object. ...."

Sounds like your info might be out of date.

Bill Bogstad