Hack Mac OS X With Installer Packages
nezmar writes, "MacGeekery has a short but insightful piece with examples on how to use a malformed Installer package (.pkg) on Mac OS X to 'insert user accounts with administrator rights and change root-owned system configuration or binary files without prompting the vast majority of Mac OS X users for a password of any kind.'" The article notes that this issue was brought up on the Apple Discussion Boards 6 weeks back and that it was noted there as a duplicate / known issue. It also gives as an example the installation of Parallels, the popular virtualization software, which uses the described technique, but not for nefarious purposes.
"Installs" are bad (Score:4, Interesting)
One of the great features of the original MacOS was that it didn't have "installation". You put an application somewhere, the Finder found it, and you could launch it. If you wanted to delete it, you deleted it, and it disappeared. Maybe once in a while you had to rebuild the desktop to update the derived info that made this work.
But now, Apple has "installation", where install programs put stuff all over the place, and maybe change the state of the system. Just like Windows. Big step backwards.
Re:it still asked me for a password (Score:5, Interesting)
Basically the guy suggested that the authentication dialog should have a user-customisable image (you would customise it in the control panel). That way, when the password entry dialog appears, the person would know whether the password request dialog was being provided by the system or being faked. The idea is that there is little chance of the rogue program working out the image the user used to authenticate password dialogs.
It also makes us realise the validity of Microsoft providing the facility of signing packages. Although there are chances that you can have a faked certificate, this would help you limit yourself to a party with a valid certificate, if you so choose. The important point is that the certificate is used as an indication, not as a control mechanism.
The truth is though, if you have enough careless users installing random garbage you increase the chances of your system getting 0wned, no matter what the OS. It is the same principle as in the real world where, even if you have the best security system, if you have people leaving doors open, covering detectors because they make life inconvenient, they are truly worthless.
Re:it still asked me for a password (Score:3, Interesting)
Re:Easy way to hack OSX (Score:3, Interesting)
If you can boot into single user mode, the machine is toast anyway. The best thing to do is to install Open Firmware Password [apple.com] to keep people from booting into single user mode or booting from another drive without the admin password, and then physically lock the machine so someone can't open it.
Re:Lets hope its not broken.... (Score:3, Interesting)
You can't intercept it without modifying the OS kernel. And if you've done that you already own the machine. Ctrl-Alt-Delete is a very low-level signal. This has been around since NT for login; it's nothing new. On Linux you can customise what the combo does by modifying the inittab file.
Re:Let me get this straight ... (Score:3, Interesting)