Replies

Basically, if you are Airporting at a Starbucks with an Apple, somebody with the proper tool can "root" you and then do whatever the they want with your computer. But if you just turn off any network authorization services and don't use DHCP, you are fine. However, you probably won't be able to use the network :-)

IMO, This is because of Apple's legacy holdover from Next - NetInfo. They never truly integrated their underlying Users & Groups with the guts of the operating system. It's kind of an early 90's concept tack-on.

They held that piece of junk (NetInfo) over and never converted everything over to the BSD security (probably due to the demands of producing consumer level "friendliness"). Permissions are a mess all over the OS.

This is what happens when the marketing/management suits ignore engineering. Now that it is public, I'm sure they have a crack team of Indians working on the problem as we speak.

Signed - Bitter Ex-Apple Guy That Knows LDAP Intimitely. ;-)))

All that said, I'm still gonna use my Mac laptop with airport in public places. Better than using Windows.

Basically, if you are Airporting at a Starbucks with an Apple, somebody with the proper tool can "root" you and then do whatever the they want with your computer. But if you just turn off any network authorization services and don't use DHCP, you are fine. However, you probably won't be able to use the network :-)

Good summary. Yep. I love that one: "Turn off DHCP" (or, alternatively, "Unplug your network cable"). BWAHAHAHAHAHAHAHAHAHA!

But if you just turn off any network authorization services and don't use DHCP, you are fine. However, you probably won't be able to use the network :-)

Actually you just need to disable the "Use DHCP-supplied server" options for LDAP and NetInfo. You can still use DHCP to get an IP address. This is really just a problem with default settings; auto-configuration from remote LDAP or NetInfo servers can be quite useful in controlled environments, but it should *not* be the default behavior.