Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Summary

A vulnerability found last week that was originally thought to only affect the Linux and BSD operating systems is now believed to impact macOS as well. 

 

Quotes

Quote

 A vulnerability found last week that was originally thought to only affect the Linux and BSD operating systems is now believed to impact macOS as well. The security flaw, tracked as CVE-2021-3156, affects Sudo, an app used by administrators to grant root access to other users. 

Now, British security researcher Matthew Hickey has noted that the most recent version of macOS contains the Sudo app. He discovered that, with a few minor modifications, the CVE-2021-3156 vulnerability was effective on macOS devices.

Hickey’s findings have been independently verified by other security experts but have reportedly not yet been acted upon by Apple itself. Hickey has said that Apple has been informed of the issue but no patch was included in the most recent security update released earlier this week.

 

My thoughts

I hope Apple patches this vulnerability soon. As a user of both Mac and Linux, yea I kinda panicked (y? I have no idea). But in all seriousness, this needs to be patched and they literally had a security update just this last week. 

Sources

 https://www.techradar.com/news/sudo-bug-also-found-to-affect-macos?region-switch=1612416646

Link to post
Share on other sites

As with most of this vulnerabilities - only relevant for multi-user (public) systems or in case you get infected by malware. So a lot of servers will have to be updated ASAP.

 

For typical home/personal system - almost completely irrelevant, but will be fixed with updates at some point.

 

And since macos is not really used on servers...

Link to post
Share on other sites

Sounds reasonable.  MacOS is basically a BSD.  

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
55 minutes ago, Bombastinator said:

Sounds reasonable.  MacOS is basically a BSD.  

Unix

they are all unix based or inspired

Hi

 

Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler

hi

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Link to post
Share on other sites
15 minutes ago, Drama Lama said:

Unix

they are all unix based or inspired

“Inspired” can be a lot less close than based. At least in movies.  In movies “based” isn’t even all that close.  BSD is Unix.  Quite literally.  It’s what the great 3 year patent troll lawsuit that allowed Linux to even come into existence was about.  BSD stands for Berkeley System Design.  Berkeley was doing the official Unix updates for many years.  At one point they realized they’d updated basically everything and Unix wasn’t even really owned by the company that bought it any more because they’d gotten greedy and farmed everything out to a publicly funded state college. 
 

Linux is a version of minix which was a sort of weird rip off of Unix.  Due to a patenting error there was a three week window where minix was not adequately covered.  A teenaged hacker named Linus Torvalds managed to jump through it.

Edited by Bombastinator

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites

macs don't get viruses

Hi

 

Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler
Spoiler

hi

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Link to post
Share on other sites
7 minutes ago, Drama Lama said:

macs don't get viruses

Nobody get viruses anymore.  It’s a very specific type of malware that at this point is mostly just historical.  Malware *nixes and other things can get though.  I understand with Apple stuff criminals mostly have to rely on social engineering though

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
31 minutes ago, Bombastinator said:

I understand with Apple stuff criminals mostly have to rely on social engineering though

Except for extreme rarity everything is reliant on social engineering and user error, for quite a long time now. It's not just an Apple thing, general security has actually significantly improved since the days of being able to exploit things like Microsoft Office VBA code and only requiring an email to be viewed to run code against the system.

Link to post
Share on other sites

Oof. That’s not good it’s surprising that the big is so old that it is affecting Mac OS

Link to post
Share on other sites

If the bug affects Linux , BSD and MacOS, then the vulnerability must have been so old...... How did it go off the radar for so long .....? Is sudo so bloated

 

 

Edit : YES it is bloated lol , the github page says 400,000 lines of code LMFAO

Link to post
Share on other sites
9 hours ago, owwnoooo said:

If the bug affects Linux , BSD and MacOS, then the vulnerability must have been so old...... How did it go off the radar for so long .....? Is sudo so bloated

Do you have even the remotest idea what sudo is, does, and why it's so useful?  Without looking at Google?  I'll bet half the folks participating in this thread have no idea.

 

Editing Rig: Mac Pro 7,1

System Specs: 3.2GHz 16-core Xeon | 96GB ECC DDR4 | AMD Radeon Pro Vega II (32GB HBM2) | Lots of SSD and NVMe storage |

Audio: Sound Blaster X7 external DAC/ADC |

Displays: 3 x BenQ EW3280U displays |

 

Gaming Rig: PC

System Specs:  Asus Rampage VI Extreme board | Intel Core i9 10980XE | 64GB Corsair Vengeance LPX (OC'd to 4GHz) | NVidia 3090 FE card (OC'd) | Corsair AX1500i power supply | CaseLabs Magnum THW10 case (RIP CaseLabs ) |

Audio:  Sound Blaster AE-9 card | Mackie DL32R Mixer | Sennheiser HDV820 amp | Sennheiser HD820 phones | Rode Broadcaster mic |

Display: Asus PG32UQX 4K/144Hz display |

Cooling:  2 x EK 140 Revo D5 Pump/Res | EK Asus R6E monoblock | EK 3090FE waterblock | AlphaCool 480mm x 60mm rad | AlphaCool 560mm x 60mm rad | 13 x Noctua 120mm fans | 8 x Noctua 140mm fans | 2 x Aquaero 6XT fan controllers |

Link to post
Share on other sites
On 2/4/2021 at 4:03 PM, Drama Lama said:

macs don't get viruses

My Aunt's Mac was infected by a dozen viruses after I gave it to her for one month.

Specs: Motherboard: Asus X470-PLUS TUF gaming (Yes I know it's poor but I wasn't informed) RAM: Corsair VENGEANCE® LPX DDR4 3200Mhz CL16-18-18-36 2x8GB

            CPU: Ryzen 5 3600 @ 4.1Ghz          Case: Antec P8     PSU: G.Storm GS850                        Cooler: Antec K240 with two Noctura Industrial PPC 3000 PWM

            Drives: Samsung 970 EVO plus 250GB, Micron 1100 2TB, Seagate ST4000DM000/1F2168 GPU: EVGA RTX 2080 ti Black edition @ 2Ghz

                                                                                                                             

Link to post
Share on other sites
1 hour ago, williamcll said:

My Aunt's Mac was infected by a dozen viruses after I gave it to her for one month.

Sounds like the definition of “virus” is used differently here.  There is one definition of computer virus that is quite narrow.  Back in the day the canned reply to “Macs can’t get viruses” was “sure, but they’re even more susceptible to worms” which is another very different and very specific kind of malware.  Using that definition unixes are immune because they work in a different way.  I don’t remember what the specifics of it, but it may have had to do with specifics of the way x86 or windows did something.  Modern win10 probably can’t get that specific thing either because it now also works in a different way.  There was a period where all unixes were just somewhat harder to write malware for but it was long ago.  

Edited by Bombastinator

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
2 hours ago, Bombastinator said:

Sounds like the definition of “virus” is used differently here.  There is one definition of computer virus that is quite narrow.  Back in the day the canned reply to “Macs can’t get viruses” was “sure, but they’re even more susceptible to worms” which is another very different and very specific kind of malware.  Using that definition unixes are immune because they work in a different way.  I don’t remember what the specifics of it, but it may have had to do with specifics of the way x86 or windows did something.  Modern win10 probably can’t get that specific thing either because it now also works in a different way.  There was a period where all unixes were just somewhat harder to write malware for but it was long ago.  

It wasn't a Windows thing or x86, a virus using a more stricter and older definition is a malicious computer program that is able to replicate itself when executed and is able to modify and insert it's own code in to other programs thereby infecting them. A virus is able to replicate itself, organic and computer.

 

It was defined this way because that's what all malicious software did back in the day and it's a definition based on academic research of the time in to self replicating  computer programs based on the idea of how organic viruses worked. The terminology malware came later when other types of malicious software started to be observed that did different things i.e. Trojans.

 

Computer viruses have been around since the 1970's, with the academic research of them starting before that, so they pre-date both x86 and Windows.

Link to post
Share on other sites
14 minutes ago, leadeater said:

It wasn't a Windows thing or x86, a virus using a more stricter and older definition is a malicious computer program that is able to replicate itself when executed and is able to modify and insert it's own code in to other programs thereby infecting them. A virus is able to replicate itself, organic and computer.

 

It was defined this way because that's what all malicious software did back in the day and it's a definition based on academic research of the time in to self replicating  computer programs based on the idea of how organic viruses worked. The terminology malware came later when other types of malicious software started to be observed that did different things i.e. Trojans.

 

Computer viruses have been around since the 1970's, with the academic research of them starting before that, so they pre-date both x86 and Windows.

That fits.  Sounds like the thing that fouls them is the Unix package system then. I dunno though. I was never a programmer. 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
13 hours ago, Bombastinator said:

Sounds like the definition of “virus” is used differently here.  There is one definition of computer virus that is quite narrow.  Back in the day the canned reply to “Macs can’t get viruses” was “sure, but they’re even more susceptible to worms” which is another very different and very specific kind of malware.  Using that definition unixes are immune because they work in a different way.  I don’t remember what the specifics of it, but it may have had to do with specifics of the way x86 or windows did something.  Modern win10 probably can’t get that specific thing either because it now also works in a different way.  There was a period where all unixes were just somewhat harder to write malware for but it was long ago.  

Well it was causing issues to the computer and malwarebytes did remove it.

Specs: Motherboard: Asus X470-PLUS TUF gaming (Yes I know it's poor but I wasn't informed) RAM: Corsair VENGEANCE® LPX DDR4 3200Mhz CL16-18-18-36 2x8GB

            CPU: Ryzen 5 3600 @ 4.1Ghz          Case: Antec P8     PSU: G.Storm GS850                        Cooler: Antec K240 with two Noctura Industrial PPC 3000 PWM

            Drives: Samsung 970 EVO plus 250GB, Micron 1100 2TB, Seagate ST4000DM000/1F2168 GPU: EVGA RTX 2080 ti Black edition @ 2Ghz

                                                                                                                             

Link to post
Share on other sites
Quote

Matthew Hickey has noted that the most recent version of macOS contains the Sudo app.

I don't think the people making these writeups have any idea what they're talking about. Sudo has nothing to do with apps, and is not an app. It's a command-line utility used for escalating privileges. And yes, macOS has had sudo since it became a fork of Darwin, which I believe has been the case since the very first 10.0 release.

 

It's no surprise that it has sudo, and it's also no surprise that it... hasn't been removed in recent versions? The entire developer community would collectively throw a giant hissy fit if Apple decided to remove sudo, as it's such an essential tool for legitimate privilege escalation that you would barely be able to do anything without it. You need root to do anything that you haven't explicitly been granted permission to do. Although I believe the GUI has ways to escalate privileges that have nothing to do with sudo, the impact on scripts and command-line utilities would be massively debilitating.

 

Look, it's interesting that macOS is vulnerable to this, but please, everyone, stop being so shocked that sudo exists in an OS that is literally based on Unix. No, it's not unix-inspired, it's not unix-like... macOS is definitely, unquestionably a derivative of Unix. And unlike Linux, it is also fully POSIX compliant. Not POSIX-like, which Linux is, but fully compliant. (I believe it's only compliant up to an older version of the standard, though.)

MacBookPro11,5 - 2.5GHz Core i7, 16GB RAM, 2TB OWC Aura Pro X2 SSD

macOS 10.14.6, Windows 10 1703, and Arch Linux

 

I will never downgrade to Catalina.

I will never update Windows.

Link to post
Share on other sites
1 hour ago, LoganDark said:

I don't think the people making these writeups have any idea what they're talking about. Sudo has nothing to do with apps, and is not an app. It's a command-line utility used for escalating privileges. And yes, macOS has had sudo since it became a fork of Darwin, which I believe has been the case since the very first 10.0 release.

 

It's no surprise that it has sudo, and it's also no surprise that it... hasn't been removed in recent versions? The entire developer community would collectively throw a giant hissy fit if Apple decided to remove sudo, as it's such an essential tool for legitimate privilege escalation that you would barely be able to do anything without it. You need root to do anything that you haven't explicitly been granted permission to do. Although I believe the GUI has ways to escalate privileges that have nothing to do with sudo, the impact on scripts and command-line utilities would be massively debilitating.

 

Look, it's interesting that macOS is vulnerable to this, but please, everyone, stop being so shocked that sudo exists in an OS that is literally based on Unix. No, it's not unix-inspired, it's not unix-like... macOS is definitely, unquestionably a derivative of Unix. And unlike Linux, it is also fully POSIX compliant. Not POSIX-like, which Linux is, but fully compliant. (I believe it's only compliant up to an older version of the standard, though.)

Its a tiny tiny app alright.  Just a few lines. It depends on how you define the term though.

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
1 minute ago, Bombastinator said:

Its a tiny tiny app alright.  Just a few lines. It depends on how you define the term though.

On macOS, "app" usually means at the very least what's called a "bundle". A bundle is a generic term for the format that .app folders use. Sudo is not a bundle at all, so it's far from being an app. It's just a binary. A program. A command. But not an app.

MacBookPro11,5 - 2.5GHz Core i7, 16GB RAM, 2TB OWC Aura Pro X2 SSD

macOS 10.14.6, Windows 10 1703, and Arch Linux

 

I will never downgrade to Catalina.

I will never update Windows.

Link to post
Share on other sites
Just now, LoganDark said:

On macOS, "app" usually means at the very least what's called a "bundle". A bundle is a generic term for the format that .app folders use. Sudo is not a bundle at all, so it's far from being an app. It's just a binary. A program. A command. But not an app.

Like I said, depends on how you define it.  All of the individual Unix commands are separately written though.  Sudo is going to be part of several “bundles”

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×