![]() ![]() This will create a zip file of ARDAgent on your Desktop (as you don't have rights to modify the original folder). In the contextual menu that appears, select Compress ARDAgent (in 10.5 in 10.4, I believe it will say Create Archive of ARDAgent). (If you're curious about what Apple might be able to do about such security issues in the future, security researcher Dino Dai Zovi has in the next major OS X update.) For years, we've been taught that if a program doesn't ask for our administrative passwords, the damage it could do was limited-still bad, in that it could easily erase your entire user's folder, but someone couldn't, for instance, take over your machine without your knowledge. This is potentially a very dangerous situation, as it means an attacker could use ARDAgent to run their 'evil code' without the system ever prompting the user for a password. This is where the danger comes in, because any shell script that ARDAgent launches will also be run as root, without any need for the user to enter their administrative password. However, ARDAgent can also be used to launch shell scripts via a bit of Terminal-capable AppleScript code. In and of itself, that's not a bad thing. In order to do what it does, though, ARDAgent runs as a root process, much like any other low-level system function such as printing. Used in a lab setting, ARDAgent is very useful for people who use Apple Remote Desktop to manage a large number of Macs it can run programs on behalf of the remote administrator, for instance. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |