Admits serious design weakness
Last modified on Saturday, 17 November 2007 05:09
Apple has admitted that Leopard's firewall software was flawed and has issued several patches to fix it. The admission comes after Apple claimed that its firewall was superior to everyone else's and could block all incoming connections.
In an advisory accompanying the Mac OS X v10.5.1 update, Apple admitted that the "block all incoming connections" setting for the firewall is misleading. In fact, even with that setting activated, any process running as 'root' will receive incoming connections. mDNSResponder can also receive connections and leave the network wide open. However, Apple is not fixing the problem; it is only changing the wording so that the button now reads, "only allow essential services."
Apple has also tinkered with the "Set access for specific services and applications" setting for the Application Firewall, which allows any process running as user root to receive incoming connections, even when the user has put the connection on a blocked list.
The Leopard firewall patch comes a day after Apple shipped a huge update to cover at least 41 Mac OS X and Safari for Windows vulnerabilities.