tastelessfruit
Registered
Hi
Is this anything to be concerned about?
thanks
Is this anything to be concerned about?
thanks
Permissions Repair
- Thread starter tastelessfruit
- Start date
ElDiabloConCaca
U.S.D.A. Prime
Some discussion on that here:
http://discussions.apple.com/thread.jspa?threadID=1485315
Couldn't really find a definitive answer, but it does look interesting, at the least, and concerning at the most.
The fact that sudo has been modified is the troubling. I want to say, being a Mac, that these are benign, but I'm really leaning toward something else. Are you up-to-date on the handful of trojans that you can be tricked into installing on your computer? If not, I'm sure there are more than enough threads here to cover the most prolific. There are some scanning tools out there that can detect one or more of these trojans, which I highly recommend you run.
It may not hurt, if you're versed in the Terminal, to try to compare digests between the BOM and the actual executable itself (I would definitely try it with the "sudo" entry, that's for sure) to see if there's a discrepancy. This would mean that somehow, somewhere along the way, the "sudo" executable was modified by something, either intentionally, unintentionally, maliciously or accidentally. How to do that is outline in the Apple Discussion linked above.
http://discussions.apple.com/thread.jspa?threadID=1485315
Couldn't really find a definitive answer, but it does look interesting, at the least, and concerning at the most.
The fact that sudo has been modified is the troubling. I want to say, being a Mac, that these are benign, but I'm really leaning toward something else. Are you up-to-date on the handful of trojans that you can be tricked into installing on your computer? If not, I'm sure there are more than enough threads here to cover the most prolific. There are some scanning tools out there that can detect one or more of these trojans, which I highly recommend you run.
It may not hurt, if you're versed in the Terminal, to try to compare digests between the BOM and the actual executable itself (I would definitely try it with the "sudo" entry, that's for sure) to see if there's a discrepancy. This would mean that somehow, somewhere along the way, the "sudo" executable was modified by something, either intentionally, unintentionally, maliciously or accidentally. How to do that is outline in the Apple Discussion linked above.
tastelessfruit
Registered
no im not versed in the terminal and the apple discussion was way over my head.
my last hd crashed, i had my data recovered by one of those apple certified places.
i reinstalled my home library as best i could but did have some diffficulties. a guy at the upper level of Apple Support walked me through it and i do remember we did a number of things in the terminal regarding permissions.
does that shed anylight on it? i dont even know what a sudo or suid file is!
as to trojans-no i'm not up to date nor knowledgeable about them. i should say my new system is only a month old.
my last hd crashed, i had my data recovered by one of those apple certified places.
i reinstalled my home library as best i could but did have some diffficulties. a guy at the upper level of Apple Support walked me through it and i do remember we did a number of things in the terminal regarding permissions.
does that shed anylight on it? i dont even know what a sudo or suid file is!
as to trojans-no i'm not up to date nor knowledgeable about them. i should say my new system is only a month old.
tastelessfruit
Registered
i ran MACSCAN 2.6 and found no trojans-i did find a dozen or so tracking cookies i'm happy to be rid of.
so can i rest easy?
so can i rest easy?
ex2bot
Registered Bot
The likelyhood of you having a Trojan problem on your Mac is very slim. Is your machine still within the first 90 days of its warranty? If so, then you should call Apple and ask the
about the permissions repair errors. Be persistent, since your issue appears to be rare.
Good luck!
Bot
(from iPod)
about the permissions repair errors. Be persistent, since your issue appears to be rare.
Good luck!
Bot
(from iPod)