

Rootpipe – a new local vulnerability that works on OS X 10.10 - JoachimS
http://jerneheim.wordpress.com/2014/10/14/new-security-flaw-discovered-in-apples-operating-system/

======
miles
It's strange that TrueSec (which is credited with this find) would not have
any information about this exploit on their News[1], Blogs[2], or Facebook[3]
pages. However, the video[4] posted yesterday seems to be uploaded from an
account associated with them.

Speaking of the video: as Johan Ylinenjarvi points out in the YouTube
comments, the same effect could be achieved with a simple bash script like:

echo <your_password> | sudo -S id﻿

Clearly, more information about the exploit is needed.

[1] [http://www.truesec.com/News](http://www.truesec.com/News) [2]
[http://www.truesec.com/Blogs](http://www.truesec.com/Blogs) [3]
[https://www.facebook.com/TrueSec.Inc](https://www.facebook.com/TrueSec.Inc)
[4]
[http://www.youtube.com/watch?v=fCQg2I_pFDk](http://www.youtube.com/watch?v=fCQg2I_pFDk)

------
miles
Sorry - wrong TrueSec linked to in my earlier comment. Should be
[http://www.truesec.se](http://www.truesec.se) . Emil Kvarnhammar promises
more information after giving Apple time to patch:
[https://twitter.com/emilkvarnhammar/status/52264650512848076...](https://twitter.com/emilkvarnhammar/status/522646505128480768)
.

Another article about Rootpipe: [http://www.99mac.se/artikel/6026-ny-
sakerhetsbrist-upptackt-...](http://www.99mac.se/artikel/6026-ny-
sakerhetsbrist-upptackt-i-os-x)

