Root Canal

Presented at Objective by the Sea version 2.0 (2019), June 2, 2019, 11 a.m. (30 minutes).

Apple released System Integrity Protection/rootless with OS X El Capitan almost four years ago. The root account is still there, and many common pieces of software open the Mac up to simple root escalations - including common macOS management tools. How can we detect these vulnerabilities across our Mac fleets? What can root still be abused for in 2019?

Presenters:

• Samuel Keeley - Security Engineer at Airbnb
  Samuel is a Security Engineer focused on user endpoints and access management at Airbnb.

Links:

• https://objectivebythesea.org/v2/talks.html#keeley
• https://www.youtube.com/watch?v=sFxz3akCNsg
• https://objectivebythesea.org/v2/talks/OBTS_v2_Keeley.pdf

Similar Presentations:

• ToorCon: Seattle (Beta) (2007) / Security breaches are good for you, like a root canal
• GrrCON 2018 / So how the actual f**k did i end up as root here
• DEF CON 9 (2001) / OS/X and Macintosh Security