New Patch Fixes 43 Flaws In OS X, Many Serious 2157
0, actually.
Daniel Johnson Sorry, got uid and process id crossed. 0 is procid for the swapper. And progid 1 is for...
This is not clear, but I *think* you are trying to say "I can't prove my claims, so I demand you...
Well, all processes are descendants of init, but that's not terribly relevant here.
I do not think init implements a check for the uid being valid; that would surely be a repebreastion of the code in the kernel that starts processes.
It means no such thing. You are just making this stuff up as you go along.
Certainly it will be. Remember that users *do* download software an expect it to run. That Unix defaults files to "not executable" is a problem (UI wise) and must be fixed. And it is fixed.
It's treated just like the old type-creator codes in Mac OS 9. The OS just needs to wrap the file up in some container that preserves this information. There are many choices.
Mac OS X supports .zip and .dmg files out of the box, and both do this.
Apple has gone out of their way to make this easy. You can, for instance, send an application bundle as an attachment to an email. Just drag it into Apple's mail composition window, and send away.
Mail zips it up for you automatically, and unzips it transparently at the other end. You can run it right out of the mail window- just double click. The executable bits are handled for you, completely transparently.
No muss, no fuss. It is as if executable bits never existed.
Any processes that could have created the file in the first place.
Do you supose someone else's position of ignorance would be better? :D snip Not quite. The recent iChat virus also had...
snip
On science? Surely you jest.
No, it isn't. Mac OS X is derived from NeXTstep, not from any Unix.
Windows NT Technology! :D
snip
Some are. It had a vogue, once, but it's advantages are limited, and the performance cost excessive.
What 'science' are you talking about?
snip
I do not use AV software and have not been compromised yet. It is not "required".
You need AV software if you understand computers so little that you can't protect yourself. If you can't tell which emails, files, or websites are dangerous. If you click "OK" to every security prompt. That sort of thing.
Lots of users like that on Windows; very, very few on Linux.
snip
I have made such a case as I can. That it does not persuade you means little; nothing can ever persuade you...
Exactly. The kernel is not the problem area- in any OS. The security woes of an OS are largely in its internet facing applications, these days.
snip
More than one, but not the books you cite. :D
snip
Yes; man pages are documentation for the utilities that run on the command line; actually in the original Unix, man pages provided all documentation, but this is not true of Mac OS X.
If you think these describe a large fraction of Mac OS X, you are mistaken. Apple provides extensive documentation, but it is not in the form of man pages.
snip
Single biggest, not only problem.
This is not true; there was a bug of this sort about a decade ago now. It was fixed a long, long time ago.
There have been other problems, but I suspect you would not understand them.
Sucks to be 0wned, you know?
Such as?
No, indeed not. But the mbutt market is largely composed of computer-illiterates who are very easily decived into running programs that are not safe.
snip
I'm using XP in like fashion; no problem.
I do; routinely.
snip
No. This position is not sustainable; it can be held only in complete ignorance of what Mac OS X is really like.
Neither have I; they are few, far between, and do not spread far.
No. *Nobody knows* how to a build an OS so secure that these problems do not occur. Only Microsoft is even *trying*.
snip
If the kernel could prevent security breaches in userspace, then we would observe that all the malware for Windows woud attack it's kernel, and the endless procession of security vulnerabilities found in both Mac OS X and in Windows would be about flaws in their kernel.
But neither of these things are true.
snip
This isn't really true either. The kernel provides some services, but much more is implemented in userspace.
I wish this were so!
Neither have I, but it does happen from time to time.
snip
Never say die, eh? That's the spirit!
snip
My tenacity and my gall. :D
The tricks that work on Windows work on OS X also; but if you want something "particular" to OS X, how about the vulnerabilities in Apple's auto-configuration implementation, which decides how to interpret filetypes without the need for installers.
That vector is "particular" to OS X.
I have not explained because you have not, until now, asked.
You will be waiting forever; becaus when a Mac virus (or other malware) does appear, you will deny it and pretend it's not there.
We've already seen this.