![]() ![]() Unless, of course, that user happens to be the root user, or has launched the process by first requesting to be run as root. That is, access to system files, other users’ files and any other protected resources is usually out of scope. When that happens, the code has access to the same resources that the user has. Technically, users need not always actually be people, but for our purposes here we’ll stick to the simple case of a user deciding to launch some application or script. Whenever code executes, it does so within the context of a user who invokes it. ![]() In Part 2, we switch from researchers to attackers and explore both how and why the methodology of macOS threat actors takes quite a different path from that of the research community. We draw conclusions for enterprise and end users alike based on this review. In Part 1, we look at some of the vulnerabilities that have been discovered by security researchers in recent versions of Apple’s Desktop OS, focusing on those that have been turned into reliable exploits. In this two-part series, we take a look at privilege escalation on macOS.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |