Apple's Mac OS X 10.7 Lion has exploitable security flaws

20 September 2011

rotten apple

Apple fans have always been very, very keen to brag about the security of their devices, sneering at everyone else with the kind of superiority normally found in investment bankers and the Roman Catholic church.

However, that confidence could well be taking a hit as security flaws have been spotted in Apple's Mac OS X 10.7 Lion, which basically would allow hackers to extract the password hashes of any system users and change their access codes without authorization.

Patrick Dunstan, who knows about these things and writes about them on the Security in Depth blog, says:

"It appears in the redesign of OS X Lion's authentication scheme a critical step has been overlooked. Whilst non-root users are unable to access the shadow files directly, Lion actually provides non-root users the ability to still view password hash data."

Apparently, the data can be extracted from directory services by invoking the dscl command with a /Search/ path like this: dscl localhost -read /Search/Users/[user]. For your trouble, you'll get a "dsAttrTypeNative:ShadowHashData" section with the password hash.

Using the same dscl tool could also enable someone to change the password of the currently active user, which is no good is it?

Mercifully, this means absolutely nothing to most people, but then again, hackers aren't most people are they? They have see-through skin and a jaded sexual appetite for starters.

[µ]

TOPICS:   Technology   Gadgets

4 comments

  • alexis
    "...could also enable someone to change the password of the currently active user" "the data can be extracted from..." Yeah, but it won't happen will it. I still blindly crawl around the internet on my hands and knees and nothing ever happens. I was supposed to having viruses coming out of my ears by now because Macs "just weren't popular enough" before.
  • Mark H.
    Sounds like this could only be exploited by someone with a login account on your computer. Doesn't sound like an internet hacker could do anything with this - am I correct?
  • SteveNoJobs
    More important still - Lion is a rubbish update and not worth your money. Broke my bluetooth and wifi, all for twenty quid. Bargain!
  • Johnb
    Stupid Macs.. I disappoint myself everytime I wake up and see my iMac and wander how they are going to fleese me today. Forced into upgrading my OS yesterday (£20), as JAVA (Yes the integral part of the OS) was no longer supported... The company could charge a lot less, but mugs like us keep buying there junk whilst their sitting on piles of cash.

What do you think?

Connect with Facebook, Twitter, or just enter your email to sign in and comment.

Your comment