I got these messages in my Disk Utility log after a friend of mine logged into a private mail server site using my computer. Is this a security problem?

2010-06-10 21:10:59 -0400: Warning: SUID file "Applications/Utilities/Keychain Access.app/Contents/Resources/kcproxy" has been modified and will not be repaired.
2010-06-10 21:12:11 -0400: Warning: SUID file "usr/libexec/authopen" has been modified and will not be repaired.
2010-06-10 21:12:12 -0400: Warning: SUID file "usr/libexec/security_authtrampoline" has been modified and will not be repaired.

Presumably not ... but there's only one way to be 100% sure.

Yeah, I checked out the Apple site of messages that could be ignored but I did not see the SUID ones I had and they looked security-related. I should have mentioned that. The SUIDs actually did come up along with a bunch of Java permission problems, which I did ignore.

But your second link, well, that hit the nail on the head! Plus, I was VERY relieved, actually, by the fact that you thought you had been hacked because I thought I was being paranoid! I also forgot to mention that my friend had to ok a certificate to get to her mail, so that increased my anxiety. Probably the website owner didn't bother to get one?

Thank you so much, and for the quick response because I was ready to bring my computer in to Tekserve. Saved me grief and $$$.

Just so you know: when folks put a in or near a sentence, it usually means that the seriousness and sincerity of its content are somewhat diminished. [i.e., i didn't actually think that i had actually been hacked. I was just highlighting the fact that it's one possible reason for an SUID warning.]



Good point... neither kcproxy nor security_authtrampoline are listed there. [and yes, a mention of having already checked that article would have been helpful (to others as well, not just me).]