If I could, I would kick the guys responsible¹ for the disclosure in the ass. Why? We now have a YouTube video with shitty music (proving essentially nothing), some scaremonger articles with a lot of prose around very few interesting bits, and most importantly, a friggin' hashtag. And of course, a name for the vuln.

But nothing, absolutely nothing, on how to protect myself as an ordinary user. The only thing I was able to infer from the craptastic video is that the user they're escalating from is a member of the "admin" group, i.e. not a "Standard User" but an "Admin" in OS X lingo.

Among other things, the most obvious difference to regular accounts is that "Admin" users can use sudo by default, but no clue whatsoever is exploited here. Some pipe-fu with sudo? Or a stupid setting by Apple allowing "admin" group members to do dangerous things without (re-)authentication?

In closing, best make sure you're using OS X as a "Standard" user, not "Admin". In my experience, it's quite painless.

Edit:

> "Normally there are 'sudo' password requirements, which work as a barrier, so the admin can't gain root access without entering the correct password. However, rootpipe circumvents this," he says.

This at least hints at the possibility that said exploit does not work from a standard user. So there's that...

¹ Most likely not the researchers themselves, but some "CEO" or other suit-level.
After this past year with all of its vulnerabilities, I feel so uncomfortable when I really consider it. I make online payments at least a few times a week using my credit card. I log into my web-based email multiple times per day.

I feel so naked.

Has anyone who uses brew and other dev stuff tried running Mac OS as a user account? Does it work out well?
Welcome to the club? PrivEsc exploits are becoming more common as sandboxes increase in popularity. Windows had a few such bugs exploited by real attackers as zero-days in the last month (check the CrowdStrike and FireEye blogs). I don't think this is news. It is simply a matter of effort whether an attacker will escalate privileges to root or kernel; it depends on the value of the data they are after.