Apple has released an update to address CVE 2014-1347 (1) for iTunes which addresses a specific vulnerability in the permissions of files and folders of the system. This vulnerability address a sitution, where "upon each reboot, the permissions for the /Users and /Users/Shared directories would be set to world-writable, allowing modification of these directories. This issue was addressed with improved permission handling". As always, please ensure that all changes are tested and deployed in compliance with enterprise change management standards :) (1)http://support.apple.com/kb/TS5434 tony d0t carothers --gmail |
Tony 150 Posts ISC Handler May 17th 2014 |
Thread locked Subscribe |
May 17th 2014 6 years ago |
FYI, this is to correct an apparent bug/regression introduced with iTunes 11.2.
|
RonM 1 Posts |
Quote |
May 17th 2014 6 years ago |
It is available for Mac OS X only and does not apply to Windows machines. This issue is this -
If you only have one user account on your Mac, because you don't let anyone else use it, you're able to write to your own files at any time anyway. But if you have a Mac with more than one user account, it means that anyone can modify anyone else's files, just like in the old days of DOS. BTW - this update applies to the most recent four versions of OS X, namely 10.6 (Snow Leopard), 10.7 (Lion), 10.8 (Mountain Lion) and 10.9 (Mavericks). |
toymaster 13 Posts |
Quote |
May 18th 2014 6 years ago |
Sign Up for Free or Log In to start participating in the conversation!