Archived Blog Post: April 6, 2005

"OSX can be root compromised by a trojan application.": "Apple does not feel this is an issue as 'Administrators should not run arbitrary software.' [...] Administrators are required to authenticate actions to the core operating system. This vulnerability allows applications to bypass this requirement by 'piggy-backing' off an unrelated authorization event."

[bookmark]