niels Posted April 17, 2002 If you're logged out & Retrospect starts, you'll see the Apple Menu on the login screen. From here, you can select System Preferences & change users' names & passwords & also change regular users to admin users. You can even delete users. You could also change the startup disk & basically bypass any security that logins would normally provide. The only account you cannot change here is the Root account. This is a huge problem. I hope that Dantz has a fix for this quickly. Perhaps having the background process run without a GUI would be a solution.
johnpitcairn Posted April 17, 2002 Lock the Users, Network, Startup Disk (etc) preference panes, which will then require an admin password to change anything. But yes, I'd prefer Apple menu to be inaccessible... John Pitcair
Mayoff Posted April 17, 2002 This is very good feedback. Thank you. I will do an investigation and report the situation to the engineers as necessary.
CallMeDave Posted April 17, 2002 As noted, the Mac OS X security model includes the ability to lock preference panes out to non-administrator users. Plus, it takes an administrator password just to _launch_ Retrospect. So a casual user cannot set up a script in order to take advantage of this situation. A Retrospect administrator who wants preference security should lock down the settings and sleep soundly. Dave
niels Posted April 17, 2002 Author In OS X, normally preferences such as startup disk & users are locked for non-admin users. The problem is that since the Retrospect application runs with admin privileges, it's as though it has logged in, so you can still access the privileges. Although I can lock the prefs myself for further security, it doesn't negate the security problem that is there.
NCSUCPE Posted April 17, 2002 Timbuktu had the same problem with the first beta! This is definitely a big security problem! Timbuktu released an update within a day or so of the report. I wonder if our friends here at Dantz will be as quick. John
niels Posted April 18, 2002 Author I checked to see if locking the preference panels & then logging out would actually lock them. It doesn't. I was still able to go in & change everything once Retrospect started & brought up the Apple menu. Locking the preference pane only locks it for the current login session. Logging in with the same user that had locked the system prefs, & then opening them, shows them unlocked. The use of locking them is if you don't want to log out, but don't want anyone who might approach your machine to change settings. You can, however, have some login security by using the screen saver lockout. Also, if I log in with the Retrospect window open, the application continues running, but I get an authentication box with root filled in as the user. I believe Retrospect needs to run as root in order to be able to restore with full privileges. So, it seems as though this security hole is more than just admin rights, it's root privileges!
maniabug Posted May 8, 2002 It has been the better part of a month. Has this issue been addressed by an update?
IrenaS Posted May 8, 2002 Dantz is aware of and actively investigating this issue. We do not have a fix at this time.