Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > uk.comp.sys.mac > #183793

Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck

From David B. <boaterdave@hotmail.co.uk>
Newsgroups alt.computer.workshop, uk.comp.sys.mac
Subject Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck
Organization Retired
References <n7obu5F9snuU1@mid.individual.net> <6a20851d$1$25$882e4bbb@reader.netnews.com> <6a208756$1$27$882e4bbb@reader.netnews.com> <6a20be8b$0$23$882e4bbb@reader.netnews.com>
Date 2026-06-04 08:08 +0000
Message-ID <6a213283$1$25$882e4bbb@reader.netnews.com> (permalink)

Cross-posted to 2 groups.

Show all headers | View raw

On Jun 3, 2026, Brock McNuggets wrote:
> You have yet to show a screenshot of the file you are concerned with.
> Hint: last time you went through this you eventually admitted it did not
> exist.

I have never admitted the helper binary "did not exist," Michael. Stop trying
to invent revisionist history to cover for your collapsed argument.

Since you are begging for a screenshot, look closely at the file "Screenshot
2026-06-04 at 08.40.59.jpg", which you can view directly here:
https://i.ibb.co/RpKwFsy7/Screenshot-2026-06-04-at-08-40-59.png

Anyone looking at "Screenshot 2026-06-04 at 08.40.59.jpg" can see the absolute
reality of the application's internal structure. Right there in plain sight,
highlighted under the "Helpers" directory, is the exact standalone UNIX
executable I have been talking about:

EtreCheckPro.app/Contents/Helpers/storageHelper

When a user runs the advanced drive benchmark, the main application invokes
this helper binary and prompts the user for an administrator password to
elevate its execution state to root.

By your own logic: "If you drag the Bundle to the trash all of its contents
are deleted."

Exactly! The binary lives entirely inside a user-writable directory
(/Applications/). Because it relies on on-demand privilege escalation rather
than a cryptographically bound, system-protected daemon, it creates a classic
Local Privilege Escalation (LPE) threat vector.

If a local malicious actor or script modifies that helper binary inside the
user-space bundle shown in "Screenshot 2026-06-04 at 08.40.59.jpg", the next
time the administrator authenticates the benchmark prompt, they are
unknowingly handing root execution rights to a compromised asset.

Relying on the user-space Finder Trash to clean up an executable that
regularly requests root-level privileges is exactly what is meant by
structural security debt.

You have now copy-pasted the exact same response three times because you
cannot address the basic threat modeling of local privilege escalation.

Enjoy the rest of your holiday! :-D

-- 
David

Back to uk.comp.sys.mac | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-05-27 15:03 +0100
  Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-05-27 14:29 +0000
    Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Gremlin <nobody@haph.org> - 2026-05-27 15:15 +0000
      Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-05-27 15:34 +0000
    Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-05-27 18:34 +0100
      Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-05-27 20:00 +0000
        Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-05-27 23:36 +0100
          Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-05-27 23:33 +0000
    Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-05-28 12:48 +0100
  Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-05-27 20:31 +0000
    Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-05-27 23:42 +0100
      Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-05-27 23:39 +0000
        Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-05-28 08:48 +0100
          Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-05-28 12:26 +0000
            Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-02 10:51 +0000
              Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-02 16:13 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-02 21:58 +0100
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-02 21:03 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-02 21:21 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-02 21:46 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-02 21:57 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 00:35 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-03 07:46 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <Brock.McNuggets@gmail.com> - 2026-06-03 14:02 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-03 14:54 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 15:43 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-03 16:00 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 19:06 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-03 19:40 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 19:48 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-03 19:58 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 23:53 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-04 08:08 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 13:53 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-04 14:32 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <Brock.McNuggets@gmail.com> - 2026-06-04 14:47 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-04 15:05 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 16:20 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-04 20:07 +0100
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 19:16 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-04 21:59 +0100
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 21:15 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-04 22:38 +0100
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 22:28 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-04 22:50 +0100
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 22:27 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-04 23:34 +0100
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 22:57 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 15:45 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-03 17:01 +0100
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 19:06 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck David B. <boaterdave@hotmail.co.uk> - 2026-06-03 19:46 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 19:49 +0000
  Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-02 09:59 +0100
    Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-02 16:14 +0000
      Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-02 22:02 +0100
        Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-02 21:05 +0000
        Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck pothead <pothead@snakebite.com> - 2026-06-02 22:23 +0000
          Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 00:40 +0000
          Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-03 08:51 +0100
            Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <Brock.McNuggets@gmail.com> - 2026-06-03 14:02 +0000
      Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Gremlin <nobody@haph.org> - 2026-06-03 20:22 +0000
        Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 23:45 +0000
    Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Gremlin <nobody@haph.org> - 2026-06-03 20:22 +0000
      Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-03 23:45 +0000
        Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-04 08:31 +0100
          Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 13:56 +0000
            Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-04 15:59 +0100
              Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 16:06 +0000
              Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Gremlin <nobody@haph.org> - 2026-06-05 03:42 +0000
                Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-05 03:59 +0000
      Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck "David B." <"David B."@invalid.org> - 2026-06-04 08:26 +0100
        Re: macOS Technical Note: Privileged Helpers, dragging to Trash, and EtreCheck Brock McNuggets <brock.mcnuggets@gmail.com> - 2026-06-04 13:57 +0000

csiph-web