An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
SUID file has been modified and will not...
#10491 06/11/10 01:10 AM
Joined: Aug 2009
OP Offline

Joined: Aug 2009
I got these messages in my Disk Utility log after a friend of mine logged into a private mail server site using my computer. Is this a security problem?

2010-06-10 21:10:59 -0400: Warning: SUID file "Applications/Utilities/Keychain Access.app/Contents/Resources/kcproxy" has been modified and will not be repaired.
2010-06-10 21:12:11 -0400: Warning: SUID file "usr/libexec/authopen" has been modified and will not be repaired.
2010-06-10 21:12:12 -0400: Warning: SUID file "usr/libexec/security_authtrampoline" has been modified and will not be repaired.


Mid 2010 MacBook Pro 13"
2.4GHz, 750GB SATA HD, 8 GB RAM, OS 10.7.5
1 HDX1500 2TB Ext.HD, 2 HDX1500 1TB Ext.HD
HP Laserjet 6MP printing postscript via 10/100 Intel print server
Netgear WN2500RP Range Extender (Ira rocks!)
Linksys WRT1900AC Wireless Router
Brother MFC-9340CDW Color Laser
iPad Air
Re: SUID file has been modified and will not...
slolerner #10496 06/11/10 02:33 PM
Joined: Sep 2009
Offline

Joined: Sep 2009
Originally Posted By: slolerner
I got these messages in my Disk Utility log after a friend of mine logged into a private mail server site using my computer. Is this a security problem?

Presumably not ... but there's only one way to be 100% sure.

Re: SUID file has been modified and will not...
Hal Itosis #10500 06/11/10 04:41 PM
Joined: Aug 2009
OP Offline

Joined: Aug 2009
Yeah, I checked out the Apple site of messages that could be ignored but I did not see the SUID ones I had and they looked security-related. I should have mentioned that. The SUIDs actually did come up along with a bunch of Java permission problems, which I did ignore.

But your second link, well, that hit the nail on the head! Plus, I was VERY relieved, actually, by the fact that you thought you had been hacked because I thought I was being paranoid! I also forgot to mention that my friend had to ok a certificate to get to her mail, so that increased my anxiety. Probably the website owner didn't bother to get one?

Thank you so much, and for the quick response because I was ready to bring my computer in to Tekserve. Saved me grief and $$$.


Mid 2010 MacBook Pro 13"
2.4GHz, 750GB SATA HD, 8 GB RAM, OS 10.7.5
1 HDX1500 2TB Ext.HD, 2 HDX1500 1TB Ext.HD
HP Laserjet 6MP printing postscript via 10/100 Intel print server
Netgear WN2500RP Range Extender (Ira rocks!)
Linksys WRT1900AC Wireless Router
Brother MFC-9340CDW Color Laser
iPad Air
Re: SUID file has been modified and will not...
slolerner #10502 06/11/10 09:19 PM
Joined: Sep 2009
Offline

Joined: Sep 2009
Originally Posted By: slolerner
Plus, I was VERY relieved, actually, by the fact that you thought you had been hacked because I thought I was being paranoid!

Just so you know: when folks put a wink in or near a sentence, it usually means that the seriousness and sincerity of its content are somewhat diminished. [i.e., i didn't actually think that i had actually been hacked. I was just highlighting the fact that it's one possible reason for an SUID warning.]


Originally Posted By: slolerner
Yeah, I checked out the Apple site of messages that could be ignored but I did not see the SUID ones I had and they looked security-related. I should have mentioned that.

Good point... neither kcproxy nor security_authtrampoline are listed there. [and yes, a mention of having already checked that article would have been helpful (to others as well, not just me).]

Last edited by Hal Itosis; 06/11/10 09:33 PM.

Moderated by  alternaut, dkmarsh, joemikeb 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.424s Queries: 22 (0.013s) Memory: 0.5862 MB (Peak: 0.6445 MB) Data Comp: Zlib Server Time: 2024-03-28 15:28:38 UTC
Valid HTML 5 and Valid CSS