Hates the Infotainment
Join Date: May 2004
Location: NSA Archives
|
Repaired permissions today prior to a software install, finished with this. Remote Mgmt part makes me nervous. If someone hacked my cable connection could they use this file to mess with my system? Have no type of remote workflows, don't install Remote Access (unless that's installed by default with the system now?). I probably should file this under teh ghost thread also.
Warning: SUID file "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent" has been modified and will not be repaired. ...into the light of a dark black night. |
quote |
Travels via TARDIS
Join Date: Aug 2005
Location: Earthsea
|
ARDAgent.app is a standard part of the system. It's accepts inbound connections from Apple Remote Desktop (hence ARD). It will only be enabled if you have Remote Management enabled in System Preferences -> Sharing. (It will only run / appear in Activity Monitor when someone is connected.)
If anyone cares to recall, ARDAgent is the application that was the subject of a hotly contested debate a about a privilege escalation hole. One workaround was to remove the SetUID bit on the ARDAgent executable. However, once something loses the SetUID bit, the system will not automatically restore it if if thinks the file has been modified. Depending on how that's tracked, it's likely that ARDAgent was changed in a software update, but the checksum the system expects from the original OS install. What version of Mac OS X are you running? Apparently I call the cops when I see people litter. |
quote |
Hates the Infotainment
Join Date: May 2004
Location: NSA Archives
|
10.6.4
Should note I do not allow any type of incoming connections AFA sharing / none of my sharing modules are active or have been active AFAIK. Also notice the last few days some random lags for maybe half a minute when browsing with Safari or using other apps. No crash or anything, it's just the system making me wait even though nothing majorly process intensive is going on. ...into the light of a dark black night. |
quote |
Selfish Heathen
Join Date: May 2004
Location: Zone of Pain
|
Mac OS X: Disk Utility's Repair Disk Permissions messages that you can safely ignore
ARDAgent is on the list. |
quote |
Hates the Infotainment
Join Date: May 2004
Location: NSA Archives
|
Nice link. Thanks Von Bradster.
|
quote |
Posting Rules | Navigation |
|
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
SUID will not be repaired? | jdcfsu | Genius Bar | 4 | 2009-11-01 03:33 |
Help with photo management | Phoenix | Genius Bar | 13 | 2007-08-20 08:48 |
Money Management | naashraf | Third-Party Products | 10 | 2005-06-01 16:23 |
Document Management | EmC | General Discussion | 8 | 2005-03-29 15:44 |
Cable Management | alcimedes | General Discussion | 8 | 2005-01-13 14:33 |