Nifty OS X security bug

Dustin Mollo dustin at sonic.net
Fri Oct 19 12:19:24 PDT 2001


Here's one for all you Mac OS X users.  This is for OS X 10.1...note that
that's the version that's supposed to be all new and fix tons 'o shit. ;)

!!! DISCLAIMER !!!
Use at your own risk.  Not proven to work on all boxes, but I know it to
work on at least three machines here at work.  I will not be held
responsible for you or someone else breaking your machine.
!!! DISCLAIMER !!!

1.  Log into your box as a normal user
2.  Run a Terminal
3.  Type 'whoami'.  You should be returned with the username you logged in as
4.  Quit Terminal
5.  Run the NetInfo tool
6.  With the NetInfo tool still running, run Terminal
7.  Type 'whoami'.  Relish in your new-found privledges ;)

-Dustin

P.S. - for those w/o OS X who are wondering what happens in step 7, here's
the spoiler.  you wind up with a root shell.  kinda neat, eh?



More information about the talk mailing list