Home > FileVault 2, Mac administration, Mac OS X > Standard user accounts in OS X 10.8.4 now blocked from decrypting FileVault 2-encrypted Macs

Standard user accounts in OS X 10.8.4 now blocked from decrypting FileVault 2-encrypted Macs

One of the changes noted in Apple’s security notes about 10.8.4 and Security Update 2013-002 was this section:

Disk Management

Available for: OS X Mountain Lion v10.8 to v10.8.3

Impact: A local user may disable FileVault

Description: A local user who is not an administrator may disable FileVault using the command-line. This issue was addressed by adding additional authentication.

CVE-ID

CVE-2013-0985

Screen Shot 2013-06-07 at 3.45.54 PM

In short, this helps address an issue that has vexed various Mac admins since 10.7.0: If you have a FileVault 2-enabled account, you can decrypt the encryption from the command line using your account’s password.

With 10.8.4, the command-line diskutil tool has now been updated to request an administrator’s login and password before allowing decryption to proceed.

Administrators are also prompted, but can supply their account’s username and password to start the decryption process.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: