The permission hierarchy is modelled after Unix; specifically, the Mac OS X kernel is a hybrid of Mach (a Unix-compatible microkernel) and FreeBSD. Beneficial security features are taken from both, but it is mostly modelled after FreeBSD.

Almost all services that could be used for a server-side exploit are turned off by default. Older versions of OS X had a packet filter firewall blocking traffic to these services by default, and when a service was turned on the firewall rules were modified. Now the services are turned off, but the application firewall is turned off and the packet filter is running with no rules. But if a service is not listening on a port for incoming traffic then the port won't be open, hence the services being turned off. If you turn on these services in the Sharing pane, it is a good idea to turn on the firewall. But the firewall can be passed if the traffic appears OK, as in recent browser exploits. Most of these services are security sensitive, so they are made more inherently secure on all OSes. But Windows has more of these services turned on by default, so it has a greater exposed surface area in which to find an exploit.

Some services are always on with a port open, such as mDNSResponder. These services are always allowed through the firewall. There was a potential root escalation in Tiger in relation to this, as mDNSResponder was running as root (unconfirmed reports of a worm, but not in the wild). Now (Leopard and Snow Leopard), mDNSResponder is run unprivileged and heavily sandboxed, as are the other two running exposed services.

Client-side exploits (the web browser and its plugins) are limited in being able to install a virus because they require the user to elevate permissions via the admin password. Installing a virus without user intervention requires a privilege (root) escalation exploit as part of, or in conjunction with, the client-side exploit. Beyond the potentiality of the mDNSResponder exploit (already patched), no remote privilege escalations are known for OS X with a "typical" user setup (or a system not modified with custom Apache setups, etc.).

It is difficult to effectively sandbox browsers due to their broad range of functions and plugins. Sandboxing limits the range of functions that can be performed, so it hinders the browser.
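To check which services on a machine actually have a port open for incoming traffic, and which of those run as root, the listing from `lsof -nP -i` can be parsed as below. This is an added example, not part of the original post; the sample listing is constructed, and the function names are chosen here for illustration.

```python
import ipaddress

# Constructed sample in the column layout of `lsof -nP -i` (not captured from a real host).
SAMPLE = """\
COMMAND    PID USER            FD  TYPE DEVICE SIZE/OFF NODE NAME
mDNSRespo   45 _mdnsresponder  8u  IPv4 0x01   0t0      UDP  *:5353
cupsd      101 root            7u  IPv6 0x02   0t0      TCP  [::1]:631 (LISTEN)
cupsd      101 root            8u  IPv4 0x03   0t0      TCP  127.0.0.1:631 (LISTEN)
sshd       210 root            4u  IPv4 0x04   0t0      TCP  *:22 (LISTEN)
Safari     333 alice          12u  IPv4 0x05   0t0      TCP  192.168.1.5:51000->203.0.113.7:443 (ESTABLISHED)
"""

def parse_listeners(text):
    """Return one dict per socket that accepts incoming traffic."""
    out = []
    for line in text.splitlines()[1:]:            # skip the header row
        f = line.split()
        if len(f) < 9 or "->" in f[8]:            # short line, or a connected socket
            continue
        command, user, proto, name = f[0], f[2], f[7], f[8]
        state = f[9].strip("()") if len(f) > 9 else ""
        host, _, port = name.rpartition(":")
        if (proto == "TCP" and state != "LISTEN") or not port.isdigit():
            continue                              # not listening, or an unbound UDP socket
        host = host.strip("[]")                   # IPv6 addresses are bracketed
        # Assumes numeric addresses (the -n flag); "*" means every interface.
        loopback = host != "*" and ipaddress.ip_address(host).is_loopback
        out.append({"command": command, "user": user, "proto": proto,
                    "port": int(port), "exposed": not loopback,
                    "as_root": user == "root"})
    return out

def exposed_services(text):
    """Listeners reachable from the network, root-owned ones first."""
    hits = [s for s in parse_listeners(text) if s["exposed"]]
    return sorted(hits, key=lambda s: (not s["as_root"], s["port"]))

if __name__ == "__main__":
    for s in exposed_services(SAMPLE):
        flag = "root" if s["as_root"] else "unprivileged"
        print(f'{s["proto"]}/{s["port"]:<5} {s["command"]:<10} {s["user"]} ({flag})')
```

Listeners bound only to a loopback address are left out of the exposed list because they are not reachable from other hosts.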