Apple Update for CVE 2014-1347
Apple has released an update to address CVE 2014-1347 (1) for iTunes which addresses a specific vulnerability in the permissions of files and folders of the system. This vulnerability address a sitution, where "upon each reboot, the permissions for the /Users and /Users/Shared directories would be set to world-writable, allowing modification of these directories. This issue was addressed with improved permission handling".
As always, please ensure that all changes are tested and deployed in compliance with enterprise change management standards :)
(1)http://support.apple.com/kb/TS5434
tony d0t carothers --gmail
Keywords:
2 comment(s)
×
Diary Archives
Comments
Anonymous
May 17th 2014
1 decade ago
If you only have one user account on your Mac, because you don't let anyone else use it, you're able to write to your own files at any time anyway.
But if you have a Mac with more than one user account, it means that anyone can modify anyone else's files, just like in the old days of DOS.
BTW - this update applies to the most recent four versions of OS X, namely 10.6 (Snow Leopard), 10.7 (Lion), 10.8 (Mountain Lion) and 10.9 (Mavericks).
Anonymous
May 18th 2014
1 decade ago