Full Discussion: ARD Agent vulnerability
Post 302208339 by [MA]Flying_Meat on Monday 23rd of June 2008 03:13:34 PM
As I understand it, local GUI login is required by the same user that is issuing the command.
So if Joe is using the machine, and someone either makes Joe run the command (trojan), or someone else is logged into the terminal as Joe then the command will work.

Anyway, there are a couple of things you can do to plug this hole (or make it much smaller).

You can remove the setuid bit from the executable, tar or remove the ARD product entirely, or if you require ARD for whatever reason (server access...) you can change privileges on the osascript executable to at least restrict who can run the command unchallenged.

Some options.
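
The two file-permission mitigations from the post above, as an added shell example that is not part of the original post. The binary paths are passed as arguments because the post gives none, and reading "restrict who can run the command" as removing execute permission for "other" is an assumption; run it as root.

```shell
#!/bin/sh
# Added example: check and apply the permission changes described in the post.
# Usage (paths are placeholders): sh harden.sh AGENT_BINARY [SCRIPT_RUNNER_BINARY]

# has_setuid FILE: succeeds if the setuid bit is set on FILE
has_setuid() {
    [ -u "$1" ]
}

# world_executable FILE: succeeds if "other" has execute permission
world_executable() {
    # 10th character of the ls -l mode string is the "other" execute slot
    case "$(ls -ld "$1" | cut -c10)" in
        x|t) return 0 ;;
        *)   return 1 ;;
    esac
}

# drop_setuid FILE: clear the setuid bit, then verify it is really gone
drop_setuid() {
    has_setuid "$1" || { echo "ok: $1 is not setuid"; return 0; }
    chmod u-s "$1" || return 1
    if has_setuid "$1"; then
        echo "FAIL: $1 is still setuid" >&2
        return 1
    fi
    echo "fixed: setuid bit removed from $1"
}

# restrict_exec FILE: leave execute to owner and group only (assumed policy)
restrict_exec() {
    world_executable "$1" || { echo "ok: $1 is not world-executable"; return 0; }
    chmod o-x "$1" || return 1
    if world_executable "$1"; then
        echo "FAIL: $1 is still world-executable" >&2
        return 1
    fi
    echo "fixed: execute permission for 'other' removed from $1"
}

# Only act when paths are given, so the functions can also be sourced.
if [ "$#" -ge 1 ]; then
    drop_setuid "$1" || exit 1
    if [ "$#" -ge 2 ]; then
        restrict_exec "$2" || exit 1
    fi
fi
```

A software update or permission repair can put the original mode back, so the checks are worth re-running afterwards.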
 
