In association with heise online

17 November 2006, 13:56

Unsafe permissions assignment on Apple's Remote Desktop

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Apple has released a security advisory and updates for its Remote Desktop. The Remote Desktop admin server sets less restrictive rights for packages used for installation and upgrade on client systems. Local users on the Remote Desktop admin system could use this to manipulate such packages and thereby execute commands with root rights on the client systems, insofar as clients are installed or updated.

The bug affects Remote Desktop version 3.0. Apple is providing updated packages of version 3.1 for download. These should be installed by administrators of Remote Desktop admin servers if other users have access to those computers.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit