TS4272: OS X Lion v10.7.3: User account passwords appear in log files for Legacy FileVault, and/or network home directories

TS4272 Password compromised whether or not FileVault was used?

1472 Views 3 Replies Latest reply: May 11, 2012 2:45 AM by Graham Perrin
llee Level 1 (100 points)
May 10, 2012 7:23 PM

This article states that Lion 10.7.3 users are possibly affected by a compromise of their passwords whether or not FileVault has been used, doesn't it?

  • Llessur999 Level 4 (1,145 points)

    Per the first sentence, this impacts users who either use Legacy FileVault or have home folders mounted via NFS, AFP, or SMB. If you don't fall in either category, no issue.

    Per the second sentence, the logs these plain-text passwords are stored in may have been copied to backups (not Time Machine) or to syslog servers.

    Link to TS4272 to save readers the trouble of finding it.

    http://support.apple.com/kb/TS4272

  • Graham Perrin Level 2 (240 points)

    Recommended reading:

    About the security content of OS X Lion v10.7.4 and Security Update 2012-002

    * the first item describes the Login Window issue, with reference to CVE-2012-0652.

    From Apple's document — and from seeing the symptom of the bug on (just one) computer where FileVault 1 was used — my understanding is that:

    * simply making an AFP connection from a 10.7.3 client, to a server, does not cause the password to be saved in plain text

    * the issue may affect a 10.7.3 client that uses a server for both (a) login window authentication and (b) automatic mounting of the client's home directory.

    Hint: at a 10.7.3 client, in the Users & Groups pane of System Preferences, click Login Options. If any network account server is listed, then you may find that the password of a network account user is saved in plain text at that client computer.
