Sudo Flaw Opens Potential Security Risk for OS X, Linux Users

A security flaw in the command line tool sudo in OS X 10.7 and higher, as well as some Linux distributions, could give unauthorized root access to user's computers. The flaw was reported by Metasploit, a company that specializes in finding security issues and building utilities to point them out, but the steps needed to exploit this particular issue make it unlikely most Mac users will become victims before a patch is available.

The requirements are tight, but a command line security flaw poses a threat to Mac usersThe requirements are tight, but a command line security flaw poses a threat to Mac users

To take advantage of the exploit, an attacker needs to already have an administrator-level account on the Mac, physical or remote access to the machine, have already used the sudo command, and to set the system clock to January 1, 1970. The concoction needed to use the flaw makes it highly unlikely that the average Mac user will be at risk, but it does pose a potential threat in the IT work place, or for anyone that shares a Mac with someone that's command line-savvy.

Metasploit reported the vulnerability to Apple about five months ago, but so far a fix hasn't been issued. It's possible Apple hasn't seen this threat as a high priority and is planning on including a fix in an upcoming Mountain Lion update, or that it will be addressed in Mavericks when it ships this fall.

The big issue for people that do fall victim to the sudo flaw is that the attacker could install other malicious software without their knowledge to perform tasks like collecting files and passwords.

Apple hasn't commented on the security threat, and we most likely won't hear anything about it from the company until it shows up in the notes for a security patch.

[Thanks to Ars Technica for the heads up]