Friday, November 16th 2007

Apple Admits to ‘Misleading’ Firewall

Apple has admitted that the firewall in its new Leopard OS X may be misleading to users, after complaints that the “Block all incoming connections” setting was not all that it was made out to be.
The ‘Block all incoming connections’ setting for the Application Firewall allows any process running as user “root” (UID 0) to receive incoming connections, and also allows mDNSResponder to receive connections. This could result in the unexpected exposure of network services.
As a result, the company has quickly released a patch to fix this issue, which also fixes a flaw that lets processes running as root through the firewall even if they are added to the list of blocked applications, and an issue which means an application needs to be restarted before changes in firewall settings will take affect for it.Source: ZDNet.com
Add your own comment

6 Comments on Apple Admits to ‘Misleading’ Firewall

#2
newtekie1
Semi-Retired Folder
Apple misleading...Never...
Posted on Reply
#4
Ravenas
by: Jimmy 2004
Apple has admitted that the firewall in its new Leopard OS X may be misleading to users, after complaints that the “Block all incoming connections” setting was not all that it was made out to be.

As a result, the company has quickly released a patch to fix this issue, which also fixes a flaw that lets processes running as root through the firewall even if they are added to the list of blocked applications, and an issue which means an application needs to be restarted before changes in firewall settings will take affect for it.

Source: ZDNet.com
I think the title of this post is misleading. Your talking about a flaw/bug in a firewall. This is something Apple fixed after users began to notice this. Title should be changed to something more accurate.
Posted on Reply
#5
b1lk1
by: Ravenas
I think the title of this post is misleading. Your talking about a flaw/bug in a firewall. This is something Apple fixed after users began to notice this. Title should be changed to something more accurate.
Yeah, something like:

"Overpriced computer not nearly as safe as we are all expected to believe"
Posted on Reply
#6
Ravenas
by: b1lk1
Yeah, something like:

"Overpriced computer not nearly as safe as we are all expected to believe"
You expected, not I ;) I've never suspected that any computer connected to the internet is safe :)
Posted on Reply