Apple on Wednesday afternoon released Mac OS X 10.4.10, a free maintenance update recommended for all PowerPC and Intel-based Mac computers running versions of Mac OS X 10.4 Tiger. The update includes general operating system fixes, as well as specific enhancements to RAW camera support and third-party application support. Additionally, Apple said the update bundles security improvements and fixes for mounting and unmounting external USB devices.
One bug is still not fixed. Anyone know why on the intel builds of OS 10.4 you need root to run /sbin/dmesg ? On PPC builds it works like dmesg in any other unix .
Works without full path for me on Intel.
Sorry, just wanted to be the first to say, welcome the this version.
I’ve just installed it, but haven’t rebooted. I’m typing this in parallels using the new Safari in XP… ๐
Actually, the new RAW support might be very useful, a friend has a camera that wasn’t support previously…
What can I add? Interesting to see the ‘mythical’ 10.x.9 barrier broken! ๐
Folks over at AI note that this update contains some sort of support for new iMac displays:
http://forums.appleinsider.com/showpost.php?p=1099800&postcount=13
LEDs in October, ne?
Glad to see the PITA problem i have been having with the TomTom 910 has been addressed, nice one Apple ๐
I think he means dmesg requires your sudo password- this is good for security. This update touches Safari as well (I was trying to launch it while the update was running and the icon had a ? mark on it, meaning that it was being updated).
“I think he means dmesg requires your sudo password- this is good for security.”
There’s little, if any at all, security to be had from requiring dmesg to be run as root.
Ever thought it would be a great way for an exploit to find whether a local service is running? find out whether it is running (and what version), then attack it using the information regarding the exploit; infact, you will know whether its running, the version, and which exploit to use – roll up an exploit that covers a number of exploits at the same time.
“Ever thought it would be a great way for an exploit to find whether a local service is running”
Except dmesg does not show that, it only shows hardware detection and some kernel messages. It does not show services or their configuration.
It’s not like there’s anything stopping anyone from running “netstat -lna | grep LISTEN”.
Edited 2007-06-21 12:10
I was hoping that .10 would bring new video card support to the Mac Pros. Nvidia 8xxx support, anyone?
Nonsense- shows the kernel version, which definitely helps for exploits, also shows security auditing settings and some IPV4/6 settings. This is obviously not comprehensive enough to provide much security, but every little bit helps.
The only “nonsense” here is what you’re saying. The information you’ve mentioned there can be acquired as an unprivilidged user in other ways. There is no justifiable reason to require root access to read the dmesg output. Do you find it impossible to accept that you’re wrong or must you continue to justify something with ever more inane reasons?
I do see your point, maybe I came off as too harsh- but I do not think that just because you can get at info a different way means that you should not restrict it. For instance, just because you can see the info from dmesg in several ways doesn’t make it stupid to restrict access to dmesg. What really needs to happen is have all of the various ways to get the info restricted in the same manner or tighter yet.
Just tried running VMware Beta 4 and I get no display showing. Bad Apple. BAD!
pac