Linked by Thom Holwerda on Mon 6th Mar 2006 21:59 UTC, submitted by crispoe
Mac OS X "In response to the woefully misleading ZDnet article, 'Mac OS X hacked under 30 minutes', the academic Mac OS X Security Challenge has been launched. The ZDnet article, and almost all of the coverage of it, failed to mention a very critical point: anyone who wished it was given a local account on the machine (which could be accessed via ssh). The challenge is as follows: simply alter the web page on this machine, The machine is a Mac mini (PowerPC) running Mac OS X 10.4.5 with Security Update 2006-001, has two local accounts, and has ssh and http open - a lot more than most Mac OS X machines will ever have open."
Thread beginning with comment 101945
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: argument makes no sense
by rayiner on Mon 6th Mar 2006 22:53 UTC in reply to "RE: argument makes no sense"
Member since:

Do remember that Apple sells an entire line of Macs intended to be servers!

Reply Parent Score: 4

someone Member since:

I am not sure how well XServe sells or what percentage of XServe users actually use Mac OS X Server as their OS.

Reply Parent Score: 1

RE[4]: argument makes no sense
by riha on Tue 7th Mar 2006 11:38 in reply to "RE[2]: argument makes no sense"
riha Member since:

All Xserves we are selling are running macosX, if they would not run macosX, why even sell them an mac???

Having ssh and httpd is VERY common on servers. Or at least httpd, ssh could be setup in an secure way by using vpn or something, but it is pretty common with servers accesting ssh for their users.

Reply Parent Score: 1

elsmob Member since:

Isn't a Mac Server an oxymoron, similar to postal service or military intelligence ?

Reply Parent Score: -1

deathshadow Member since:

>> Isn't a Mac Server an oxymoron
Don't tell that to the US Army - they bought a whole SLEW of G3's for that very use.

>> or military intelligence ?
Oh wait, nevermind.

Reply Parent Score: 0