I understand that the vulnerabilities could still be exploited (until
they are patched) after a fresh install. But I just wanted to know if
that would fix the machine (for that instance) if I were to be
exploited.
I hope you guys and girls understand what I'm saying. If not, I'll try
to clear it up.
Not unless by "reinstall" you mean formatting the drive. Just
overwriting the OS X files wouldn't be sufficient to clean the system
off. As long as the home directory is in tact, the user account will
still be just as compromised as it was before, and commands can be
executed to try to escalate privilege again.
There are a variety of methods for the escalation, one that has been
mentioned recently is putting a directory of malware in $PATH before
the normal directories and replacing "sudo" or "ssh" with something
that steals the credentials while otherwise behaving normally.
All this should just serve as additional caution to be careful what
you click on and download since it may not always be trustworthy.
--
wac
More than. You wouldn't have to zero. Just make sure you erase/format the drive.
-- Finlay
Ideally boot such a system from a read-only (e.g. CD, DVD) Mac OS X
install disk and use that to reformat the drive, then install Mac OS
X. Basically you don't want to reinstall from a source that
potentially was compromised.
(ignoring the extreme case of firmware re-flashing)
-Shawn
In a case where a group of Macs on a network with internet access uses
non-addressable IP's, is it possible for someone, outside the network
to gain access to individual machines? I guess I am lacking a
comprehensive knowledge of how some of these exploits work. In
general how port specific are these exploits?
I am sure I am missing something, so feel free to point it out.