Security: Hack Mac OS X With Installer Packages

MacGeekery has a short but insightful piece with examples on how to use a malformed Installer package (.pkg) on Mac OS X to ‘insert user accounts with administrator rights and change root-owned system configuration or binary files without prompting the vast majority of Mac OS X users for a password of any kind.

From the article: By creating a malicious package and setting the authorization level to AdminAuthorization in the package, an attacker can modify root-owned files, execute commands as root, or install setuid-root programs without alerting the user that such actions are taking place. The problem is compounded when you consider that over 90% of Mac OSi X users run as the administrator user because it’s what the default user created by the system is.

(via Slashdot)

Author: admin

I like chocolate, gadgets, open source software, photography, traveling and all shades of green colors. I love spending time with fun loving friends and family members. This is my own online journal.

One thought on “Security: Hack Mac OS X With Installer Packages”

  1. Dear all i want to plexeraser
    please provide details send me mail
    Permanently remove or erase data from CD and DVD

Comments are closed.