GIANT HUMONGOUS HOLE in mac os x security!!!

[sandsl]

>> I just have a regular user account that happens to be named "guest".
The name if the account is irrelevant, the importance is on the password. If the account doesn't have a password than anyone can login (duh). If you wanted to secure your system you would put a password on this account or remove it. I find it difficult to sympathize with you while YOU added a open 'guest' account and expect 100% security.

>>I never touched any of my permissions
That doesn't mean they are apple's factory settings. Applications can (& have) changed permissions and there have been numberous reports of Installers which seem to mess up permissions.

Like I said, i'm not having the problem you've described. However you should report it to Apple is you still think its a big. In the mean time remove your 'guest' account or set a password for it even if its just 'guest'. So user/password would be 'guest'/'guest'. You may find that fixes your problems.

 

[aaike]

I'm thinking that sharing /Volumes might not be such a good idea. If you would work with partitions, you would make these available/visible too... I think messing with NetInfo to do this isn't exactly the same as keeping factory settings.
I've never experienced a trouble when accessing my computer via Windows anyway.
But please let us know if you found out what is really wrong!

 

[solrac]

no, my guest account does have a password!!! I didn't even know you could make an account with no password.

Anyway, I know of no other way to share my iPod via SMB other than that /Volumes hack I did.

Anyway, this is all a moot point since I downloaded 10.2.3 this problem no longer exists. Weird.....

 

[fryke]

Well, let's say there's two options.

1) There WAS a giant security hole and Apple patched it with 10.2.3.

2) _Something_ was wrong (whatever the reason) with your permissions and/or SMB setup and 10.2.3 fixed it automatically.

Whatever the reasons, the problem seems solved now.

 

[Vyper]

Originally posted by Austin Powers
Did someone say giant humongous hole? Oh my... better get that stiched up baby! Yeah!

Hey Ed.. have you ever contemplated banning somebody?

I wouldn't trust my Mac with a Windows person anyways ^_^

 

[Austin Powers]

Originally posted by Vyper
Hey Ed.. have you ever contemplated banning somebody?

You don't work for Dr. Evil, do you man? I mean, when you come face to face with danger on a daily basis, a little humor goes a long way, especially when it comes to humongous holes... I mean really man, you could fit a watermellon in there!

 

[Jason]

ive yet to see a serious post from you powers... you have a point here?

 

[Jersey Turnpike]

Does your guest account have privileges to 'administer this computer'?

If so, that's the problem.

 

[Orion]

just disable guest access in smb of your localhost.

 

[solrac]

AHHHH THERE'S NO GUEST ACCESS!!!!!!!!!!!

FORGET I EVER SAID THE WORD GUEST

sheeesh