robmandu

The latest posts tagged with “osx

When upgrading your Mac from OS X 10.6.2 to 10.6.3, the user can allow the install to proceed without providing any admin-level credentials. This isn’t supposed to happen, as root-level activity appears to be taking place without explicit authorization. Apple supposedly corrected this bad behavior way back in 10.4.8.
Now, it seems to be back… and Apple’s using it. Rixstep dug deep and describes:
"That file .SoftwareUpdateAtLogout is owned by root:wheel and you are neither the one nor the other. And if you check the parent directory you’ll see it too is owned by root:wheel and nobody but root can get in there to modify anything.
"But you didn’t give the installer your password, did you? Leopard users still do but you didn’t, did you? No you didn’t.”
—
This problem with privilege escalation exists in Snow Leopard 10.6.2 for sure. It might exist in earlier versions of Snow Leopard as well. Mac OS X 10.5 appears to be operating correctly, though. 
For me the question is: did Apple (re-)fix this bug with the 10.6.3 update that signaled the alert?

When upgrading your Mac from OS X 10.6.2 to 10.6.3, the user can allow the install to proceed without providing any admin-level credentials. This isn’t supposed to happen, as root-level activity appears to be taking place without explicit authorization. Apple supposedly corrected this bad behavior way back in 10.4.8.

Now, it seems to be back… and Apple’s using it. Rixstep dug deep and describes:

"That file .SoftwareUpdateAtLogout is owned by root:wheel and you are neither the one nor the other. And if you check the parent directory you’ll see it too is owned by root:wheel and nobody but root can get in there to modify anything.

"But you didn’t give the installer your password, did you? Leopard users still do but you didn’t, did you? No you didn’t.”

This problem with privilege escalation exists in Snow Leopard 10.6.2 for sure. It might exist in earlier versions of Snow Leopard as well. Mac OS X 10.5 appears to be operating correctly, though. 

For me the question is: did Apple (re-)fix this bug with the 10.6.3 update that signaled the alert?

 
 

textorize: Pristine Font rendering for the Web | mir.aculo.us

Another sub-pixel anti-aliasing solution… and an excellent exploit of the really awesome typography and subpixel antialiased font rendering that are already built in to Mac OS X.

I count myself among those frustrated with Photoshop’s poor font handling yet too lazy to dig up a suitable alternative. This looks interesting.

 

About

NOTICE.
--
Persons attempting to find a motive in this narrative will be prosecuted; persons attempting to find a moral in it will be banished; persons attempting to find a plot in it will be shot.
--
BY ORDER OF THE AUTHOR
Per G. G., CHIEF OF ORDNANCE

Credits