Yesterday, Slashdot reported a privilege escalation vulnerability in OSX. Using AppleScript you can tell the ARDAgent to execute arbitrary shell script. Since, ARDAgent is running as root, all child processes inherit root privleges. Intego points out that if the user has activated Apple Remote Desktop sharing the ARDAgent can’t be exploited in this fashion. So, the short term solution is to turn on ARD, which you can do without giving any accounts access privileges. TUAW has an illustrated guide to doing this in 10.4 and 10.5.
Mac Hacks255 Articles
EFiX Boots Leopard Retail DVDs On Generic Hardware
On June 23rd, EFiX is planning on releasing a USB dongle that will let any PC boot and install OSX from a retail DVD. The commercial device is supposed to take care of all patching and other woes OSX86 enthusiasts have had to deal with. Very little information is provided other than a statement that the development process took a lot of time and that they overcame “sabotage”… so, it’s got that going for it. Major OSX86 contributor (and Psystar hater) [Netkas] received a device to test and was pleased with the results. We’re just going to wait and see what happens. Not that it matters; they have no plans of releasing it in the US.
[via InsanelyMac]
[photo: Mario Seekr]
XBMC For Your Mac
XBMC (formerly Xbox Media Center) has always been a popular choice for retiring an original Xbox. Maybe people install it for lack of something better to do or maybe it’s the pride in having better media support than the 360. The XBMC team has found another device that has a pretty weak television experience, the Mac. Lifehacker took the latest XBMC for OSX beta build for a run now that it supports remote controls. It seems like a much more functional than Apple’s built in Front Row. There are a few things that don’t quite work yet, which you can find in the FAQ. We’re definitely going to try this on our old Mac mini… once we upgrade it to Leopard, which is an unfortunate caveat that might prevent people from running XBMC on legacy hardware. There is no Apple TV support planned because of limited horsepower and the hacking hurdles that might be required. If you’re interested in repurposing your old Xbox with XBMC, check out Lifehacker’s install guide.
Apple IIGS Laptop
I may hit my limit on DIY laptops soon, but [Ben Heck] has been extra quiet for a while. Now we know why. Just after the release of his PS3 laptop comes his Apple IIGS laptop. Thanks to [Ed] for the tip. It features original Apple hardware and even uses the original keyboard PC board. A CF drive adapter replaces the hard drive and a 15 inch screen shows off the true power of 8 bit computing.
DIY IMac Mini
[Phyro-Mane] sent in his home built iMac mini. He based it on an old laptop with an install of OSX86 XP with a mac theme. The forum is in German, but the photos in the thread speak for themselves.
24th Anniversary Macintosh
[Dave] sent in his retro Mac project. Putting new guts into an old mac isn’t really unheard of, but I liked his solution to use the original Mac 512k keyboard and mouse. He used an Atmel AT90USB162 to create his own standard USB HID device. The keyboard and mouse appear as a standard USB device, so the mac (or any modern USB PC) can identify use the keyboard and mouse without any additional software.
Investigating The Leopard Firewall
Our friend [Rich Mogull] has been flipping the switches on Leopard’s new firewall and scanning it to see what’s actually going on. There is some good and some bad. The new application signing is a mixed bag. It breaks Skype and a commenter pointed out that automatically trusting Apple installed apps like NetCat isn’t a good idea either. You can roll your own firewall using user friendly tools like WaterRoof since ipfw is still included.
