Comments on: Quick Fix to Prevent dscl Unauthorized Password Changes in OS X Lion

By: Mac OS X Lion 10.7.1の致命的なセキュリティーホール | tomography

Mac OS X Lion 10.7.1の致命的なセキュリティーホール | tomography — Tue, 27 Sep 2011 14:26:24 +0000

[...] より発見。 Lionで以前のパスワードを知らなくてもユーザーパスワードを変更できる方法がOS X Dailyに掲載されていましたので紹介します。 [...]

By: Peter

Peter — Thu, 22 Sep 2011 16:51:30 +0000

Nothing.

By: Tim

Tim — Thu, 22 Sep 2011 14:51:30 +0000

If you do the “chmod go-x” method, what’s to stop someone from doing the following?

cp /usr/bin/dscl /tmp/
chmod a+x /tmp/dscl
/tmp/dscl

And even if you “chmod 100″, what’s to stop someone from using a copy of dscl they have on a flash drive or their web site?

By: 手动修复 Lion 随意更改用户密码漏洞

手动修复 Lion 随意更改用户密码漏洞 — Thu, 22 Sep 2011 10:03:48 +0000

[...] Inspired by OSXDaily [...]

By: FroZnShiva

FroZnShiva — Thu, 22 Sep 2011 07:52:45 +0000

I set the permissions of dscl (used go-x) – after that the prefpane of the application GlimmerBlocker stopped working – always said, that the gb-proxy is not installed.

Fixed this by reenabling the permissions (go+x).

By: adam

adam — Thu, 22 Sep 2011 06:28:03 +0000

I have chomped /var/db/.AppleSetupDone too,
a easy way to become the superuser on all OsX

By: big time hero

big time hero — Thu, 22 Sep 2011 01:03:20 +0000

Used chmod 700 instead, good trick until the update comes out

By: MU

MU — Wed, 21 Sep 2011 21:15:23 +0000

@ Jim T – Agreed – already set mine to: “sudo chmod -v 700 /usr/bin/dscl”.

By: Jim T

Jim T — Wed, 21 Sep 2011 17:35:34 +0000

Please please -please- do not encourage changing permissions this way using octal codes. Because right off the bat, you’re setting the root permission to 1 (execute only), whereas it was previously 7 (root can read, write, and execute), and the group/other permission to nothing, when they could previously read it. Note how when you change it back you set it to 755.

Admittedly, it’s (probably?) irrelevant in this case, but it’s a terrible habit to get into. Instead, do this:

sudo chmod go-x /usr/bin/dscl

That will -only- remove the execute permission on group and other, leaving the other permissions (read & write, and root’s full permissions) completely as was before the change. To reverse, do:

sudo chmod go+x /usr/bin/dscl

Only touch the stuff you need to touch!

By: Mario

Mario — Wed, 21 Sep 2011 17:14:20 +0000

As soon as you repair permissions, the old permissions are going to be restored.

By: Jitterbug

Jitterbug — Wed, 21 Sep 2011 17:08:57 +0000

If a pest already has physical access to a machine there are so many ways around passwords that it doesn’t matter if you change permissions or not. The reason this is valid is that, theoretically, some annoyer app could change a users password and lock them out of their own machine for a few minutes, which would be annoying but easily recoverable. As usual, the techno web is making a big deal out of nothing.