dago Posted May 8, 2007 Share Posted May 8, 2007 Launchd's developer Zarzycki is informing of two another builds of Leopard, 9a423 and 9a430: http://trac.macosforge.org/projects/launchd/timeline Link to comment Share on other sites More sharing options...
Dr. Heckles Posted May 9, 2007 Share Posted May 9, 2007 What is more interesting than the internal build numbers is that they just tagged a new version of launchd. This'll probably be for 9A43x that us regular humans get. Link to comment Share on other sites More sharing options...
mr.manatane Posted May 9, 2007 Share Posted May 9, 2007 Sad !!! I hope they will correct this before Leopard is launched. http://trac.macosforge.org/projects/launchd/ticket/1 As a system engineer i've switched to launchd for most of our servers. In this process I've found out that when not configuring launchd the right way this could lead to a major securtity flaw. I know, you should then configure launchd the right way but still. I found that this bug is to big to leave it not reported. For example... When you have a launchd script that fires of a normal application and you put this script in /Library/LaunchDaemons/. Also i have automatic login disabled. During startup it will open this application without loging in. The login window is still visible but the application launches. Then you could easily open system preferences by clicking on the blue apple icon in the top left corner. With System Preferences open you could easily change the root password and log in. I know you should configure it the right way by putting this in LaunchAgents. But still, wouldn't it be beter that this would not be possible when you haven't logged in? Link to comment Share on other sites More sharing options...
Recommended Posts