As reported by William Carrel, at http://www.carrel.org/dhcp-vuln.html, the default setting for LDAPv3 directory access in Panther and earlier versions of Mac OS X creates a potential vulnerability. Apple has released information on a workaround at:
http://docs.info.apple.com/article.html?artnum=32478
This procedure does disable the vulnerability's access point. However, some folks may not be comfortable changing Directory Access settings, or may not want to walk remote users through it.
So, this script does that via UI scripting. Because it has to use UI scripting, it only works on Panther, (that's the only OS release that I can count on having UI scripting installed on.)
You also MUST be able to authenticate as an administrator on any mac you run this on.
So, lets review...to use this script, you MUST:
1) Be running some version of Panther
2) Be an administrator on the machine you run the script on.
What's new in this version:
creeted already good flag so that you don't get erroneous messages if you're ahead of the game.
Thanks to Todd McDaniel for spotting this.
Comments