You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
if [[ $(security -q authorizationdb read "$section" | /usr/bin/xmllint -xpath '//*[contains(text(), "group")]/following-sibling::*[1]/text()' - ) != "admin" ]]; then
What is the current bug behavior?
Without full path attacker can put earlier into path different security binary
Instead of intended file will be executed mallicious binary
Code execution
What is the expected correct behavior?
On line 14 security -q should be /usr/bin/security -q
The text was updated successfully, but these errors were encountered:
Summary
system_settings_system_wide_preferences_configure.yaml
insonoma
branch is missing full path tosecurity
binarySteps to reproduce
macos_security/rules/system_settings/system_settings_system_wide_preferences_configure.yaml
Line 14 in 8d3ac52
What is the current bug behavior?
Without full path attacker can put earlier into path different
security
binaryInstead of intended file will be executed mallicious binary
Code execution
What is the expected correct behavior?
On line 14
security -q
should be/usr/bin/security -q
The text was updated successfully, but these errors were encountered: