6/1/2023 0 Comments How to uninstall ardagent![]() My question: is that actually safe, for an application vulnerable to arbitrary/malicious and escalated code execution? Looks like group ( wheel) and all others can execute the binary. rwsr-xr-x 1 root wheel 1.1M Mar 6 19:15 ARDAgent ![]() This made me a little paranoid, so I searched again, and found this page, where the accepted answer reassures me that Disk Utility likely doesn't "know" the file has been patched for security reasons.Īs I'm a little stubborn, I checked the actual ownership/permissions for that binary on my system: Intrigued, I investigated on the binary, and landed on this page (amongst others). Warning: SUID file 'System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent' has been modified and will not be repaired. Sudo /usr/libexec/repair_packages -verify -standard-pkgs / I recently ran a permission repair on the root volume: I'm running on El Capitan 10.11.6, patched with the latest security updates at the time of writing.
0 Comments
Leave a Reply. |