official blog of marquis montgomery: complete with notes, rants, reviews, tips, and tricks.

I thought this was interesting enough to share:
Six months ago, we wrote about a risky bug in the sudo command, the Unix equivalent of Run As… on Windows. You use sudo to run an operating system command as a different user, usually root, the all-powerful Unix administrator account.

http://nakedsecurity.sophos.com/2013/08/29/apple-neglects-os-x-privilege-escalation-bug-for-six-months-gets-metasploit-on-its-case

http://nakedsecurity.sophos.com/2013/08/29/apple-neglects-os-x-privilege-escalation-bug-for-six-months-gets-metasploit-on-its-case