Temporary Fix for ARDAgent Root Privilege Escalation « An Ex-Blog

Temporary Fix for ARDAgent Root Privilege Escalation

If you’re worried about the security problem with Apples Remote Desktop Sharing that I posted about yesterday, but still want to use the service, then here’s a quick solution:

Open Terminal and type, all on one line, the following command:

sudo chmod u-s /System/Library/CoreServices/RemoteManagement/ ArdAgent.app/Contents/MacOS/ARDAgent

Now if you use,
osascript -e 'tell app "ARDAgent" to do shell script "whoami"'
you should get your own username back.

Tags: applescript, ardagent, macosx, root exploit

This entry was posted on Friday, June 20th, 2008 at 14:54 and is filed under Apple, Mac OS X, Security, Software, Technology. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

One Response to “Temporary Fix for ARDAgent Root Privilege Escalation”

whatithink » Blog Archive » First Trojan Based on ARDAgent Root Exploit says:

Monday, 23rd June, 2008 at 15:31

[...] Secure Mac are advising Mac users to use MacScan to protect themselves against the threat. Or you could just stop the ARDAgent service from running scripts as root. [...]