Проблемы полномочий на Leopard OS X; это указывает на вмешательство или вредоносное программное обеспечение?
В основном похоже, что набор полномочий был изменен от rwx------ кому: rwxrwxrwx (или достаточно близкий к этому); некоторые из которых включают Java для Mac, я думаю. Я недавно сделал Archive & Install OS X 10.5.
Это указывает на какую-либо подделку в мою систему или какое-либо вредоносное заражение?
Вот восстановления:
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/DVD.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/FRSettings.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/FRSources.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/Movies.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/Music.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/Photos.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/Podcasts.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Front Row.app/Contents/PlugIns/TV.frappliance/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/PrivateFrameworks/BackRow.framework/Versions/A/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Permissions differ on "System/Library/CoreServices/Menu Extras/RemoteDesktop.menu/Contents/CodeResources", should be -rw-r--r-- , they are lrwxr-xr-x .
Group differs on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/CodeResources", should be 80, group is 0.
Permissions differ on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/CodeResources", should be -rw-rw-r-- , they are -rw-r--r-- .
Group differs on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/Info.plist", should be 80, group is 0.
Permissions differ on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/Info.plist", should be -rw-rw-r-- , they are -rw-r--r-- .
Group differs on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/MacOS/JavaPluginCocoa", should be 80, group is 0.
Permissions differ on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/MacOS/JavaPluginCocoa", should be -rwxrwxr-x , they are -rwxr-xr-x .
Group differs on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/MacOS", should be 80, group is 0.
Permissions differ on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/MacOS", should be drwxrwxr-x , they are drwxr-xr-x .
Group differs on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/Resources/Localizable.strings", should be 80, group is 0.
Permissions differ on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/Resources/Localizable.strings", should be -rw-rw-r-- , they are -rw-r--r-- .
Group differs on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/Resources", should be 80, group is 0.
Permissions differ on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/Resources", should be drwxrwxr-x , they are drwxr-xr-x .
Group differs on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/version.plist", should be 80, group is 0.
Permissions differ on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/version.plist", should be -rw-rw-r-- , they are -rw-r--r-- .
Group differs on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents", should be 80, group is 0.
Permissions differ on "Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents", should be drwxrwxr-x , they are drwxr-xr-x .
Permissions differ on "System/Library/Frameworks/AppKit.framework/Versions/C/_CodeSignature/CodeResources", should be ?--------- , they are -rw-r--r-- .
Permissions differ on "System/Library/PrivateFrameworks/DotMacSyncManager.framework/Versions/A/_CodeSignature/CodeResources", should be ?--------- , they are -rw-r--r-- .
Permissions differ on "System/Library/PrivateFrameworks/DotMacSyncManager.framework/Versions/A/Resources/DotMacSyncHelper.app/Contents/_CodeSignature/CodeResources", should be ?--------- , they are -rw-r--r-- .
Permissions differ on "System/Library/PrivateFrameworks/DotMacSyncManager.framework/Versions/A/Resources/dotmacsyncui.app/Contents/_CodeSignature/CodeResources", should be ?--------- , they are -rw-r--r-- .
Permissions differ on "System/Library/PrivateFrameworks/DotMacLegacy.framework/Versions/A/_CodeSignature/CodeResources", should be ?--------- , they are -rw-r--r-- .
Permissions differ on "System/Library/Extensions/IOUSBMassStorageClass.kext/Contents/_CodeSignature/CodeDirectory", should be ?--------- , they are -rw-r--r-- .
Permissions differ on "System/Library/Extensions/IOUSBMassStorageClass.kext/Contents/_CodeSignature/CodeResources", should be ?--------- , they are -rw-r--r-- .
Permissions differ on "System/Library/Extensions/IOUSBMassStorageClass.kext/Contents/_CodeSignature/CodeSignature", should be ?--------- , they are -rw-r--r-- .
Permissions differ on "System/Library/SystemProfiler/SPDisplaysReporter.spreporter/Contents/_CodeSignature/CodeResources", should be ?--------- , they are -rw-r--r-- .
1
задан squircle
11.05.2011, 22:23
Ссылка
0 ответов
По моему опыту, большинство из тех является собственными патчами Apple, не являющимися очень чистым. Вы найдете, что символьные ссылки к имеющему версию дереву для плагина, как с платформами, которые имеют Versions/A поддеревья.
Я не уверен, что сделать из should be ?--------- хотя; это предлагает мусор в файлах BOM. Я использовал бы pkgutil --file-info найти правильный файл пакета и затем исследовать его с другим pkgutil команды и/или lsbom видеть, что испорчено, но необходимо было бы знать, что что-то о формате пакета Apple поняло его.
3
ответ дан geekosaur
12.12.2019, 10:33
Ссылка