
If I could, I would kick the guys responsible¹ for the disclosure in the ass. Why? We now have a YouTube video with shitty music (proving essentially nothing), some scaremonger articles with a lot of prose around very few interesting bits, and most importantly, a friggin' hashtag. And of course, a name for the vuln.

But nothing, absolutely nothing, on how to protect myself as an ordinary user. The only thing I was able to infer from the craptastic video is that the user they're escalating from is member of the "admin" group, i.e. not a "Standard User" but an "Admin" in OS X lingo.

Among other things, the most obvious difference to regular accounts is that "Admin" users can use sudo by default, but there is no clue whatsoever as to what is exploited here. Some pipe-fu with sudo? Or a stupid setting by Apple allowing "admin" group members to do dangerous things without (re-)authentication?

In closing, best make sure you're using OS X as a "Standard" User, not "Admin". In my experience, it's quite painless.

Edit: > "Normally there are 'sudo' password requirements, which work as a barrier, so the admin can't gain root access without entering the correct password. However, rootpipe circumvents this," he says.

This at least hints at the possibility that said exploit does not work from a standard user. So there's that...

¹most likely not the researchers themselves, but some "CEO" or other suit-level.
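As an added check (not from anyone in this thread), the script below tells you whether an OS X account is the "Admin" kind the comment above warns about, i.e. a member of the local `admin` group, and whether /etc/sudoers hands that group sudo. It assumes the stock OS X sudoers line `%admin ALL=(ALL) ALL`; the group list and sudoers text passed as arguments are constructed inputs so it can run offline, and with no arguments it inspects the live account.

```shell
#!/bin/sh
# Added example, not code from the thread or from Apple.
# Classifies an account as "admin" or "standard" from its group list and
# reports whether the admin group is granted sudo in sudoers.

# $1: space-separated group list, as printed by `id -Gn` (constructed input);
#     falls back to the live account when omitted. Prints "admin" or "standard".
account_kind() {
    groups=${1:-$(id -Gn)}
    for g in $groups; do
        if [ "$g" = "admin" ]; then
            echo admin
            return 0
        fi
    done
    echo standard
}

# $1: sudoers text (constructed input); falls back to /etc/sudoers when omitted.
# Prints "yes" if a "%admin ALL=..." rule grants the admin group sudo.
admin_group_has_sudo() {
    sudoers=${1:-$(cat /etc/sudoers 2>/dev/null)}
    if printf '%s\n' "$sudoers" | grep -Eq '^[[:space:]]*%admin[[:space:]]+ALL'; then
        echo yes
    else
        echo no
    fi
}

# $1: group list, $2: sudoers text. Prints "sudo-capable" when the account is
# in the admin group AND that group has a sudo rule, otherwise "no-sudo".
sudo_exposure() {
    if [ "$(account_kind "$1")" = admin ] && [ "$(admin_group_has_sudo "$2")" = yes ]; then
        echo sudo-capable
    else
        echo no-sudo
    fi
}
```

Run it with no arguments on the Mac in question; "sudo-capable" means you are using the account type the comment advises against, and only that, since the article says rootpipe skips the sudo password prompt anyway.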



This is rich. Instead of "kicking the guy in the ass" for disclosing his findings, I'd recommend kissing his ass for disclosing this responsibly. If he hadn't, you, me, and many other people would be in a lot of trouble now, wouldn't we? And while we're at it, you might be interested in finding out how things like "full disclosure" and "responsible disclosure" came about in the first place. Spoiler alert: you may not like the answer.

"[...] nothing, absolutely nothing, on how to protect myself as an ordinary user." Really? He gave you two tips, didn't he? Make sure your default account doesn't have admin rights and use FileVault. He obviously can't tell us why FileVault helps without risking our safety. That's clearly not nothing.


My critique was aimed at the form of the disclosure, not the act itself. This may not have gotten through for various reasons.

> Really? He gave you two tips, didn't he?

I do stand corrected. Either the last paragraph was edited into the article after I wrote my comment, or I did not see it the first time. Unfortunately, I can no longer edit my previous comment.


> In closing, best make sure you're using OS X as a "Standard" User, not "Admin". In my experience, it's quite painless.

It reminds me of the old suggestion given to Windows users and derided by OS X users.


It was derided by everyone because for years, it was difficult to use Windows as an unprivileged user because so many consumer apps assumed every user account had admin permissions.

Microsoft broke this chain of bad decisions in Vista, which itself resulted in the much-derided flood of UAC warnings.


OS X has a tiny sliver of the market share that Microsoft Windows has though, so it won't affect as many people.



