1 4 5 6 7 8 Previous Next 168 Replies Latest reply: Sep 8, 2013 9:10 AM by MadMacs0 Go to original post
  • 75. Re: crsud process with security update 2013-001
    baltwo Level 9 Level 9 (60,115 points)

    Start interval is daily:

     

    cat /System/Library/LaunchDaemons/com.apple.xprotectupdater.plist


    <?xml version="1.0" encoding="UTF-8"?>

    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

    <plist version="1.0">

    <dict>

              <key>StartInterval</key>

              <integer>86400</integer>

              <key>Label</key>

              <string>com.apple.xprotectupdater</string>

              <key>ProgramArguments</key>

              <array>

                        <string>/usr/libexec/XProtectUpdater</string>

              </array>

              <key>RunAtLoad</key>

              <true/>

    </dict>

    </plist>

  • 76. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,220 points)

    I doubt that it's at all connected with XProtect....

    (And congratulations on the new computer.)

     

    What do you make of this then, from strings /usr/libexec/crsud (the "errors" appear because it wasn't actually executing.)

     

    com.apple.xprotectupdater

     

    com.apple.crsud

     

    TRUE

     

    xProtect = %@, crsud = %@

     

    Syncing up xprotect and codeginger preferences...

     

    com.apple.ServiceManagement.daemons.modify

     

    Error obtaining right to modify launch prefs: %@

     

    Disabling crsud service - xprotect was found disabled...

  • 77. Re: crsud process with security update 2013-001
    MadMacs0 Level 4 Level 4 (3,725 points)

    Thanks baltwo. What system does that one come from. Looks to be identical to mine from ML.

     

    WZZZ and I have just been continuing to speculate on how the new system works, specifically whether the crsud process also updates XProtect and does toggling the "Automatically install important security updates" will accelerate a check of XProtect the way the old "...safe downloads" preference did.

     

    A side issue was whether the StartInterval represents real time or computer up time and if that is different for SL users.

  • 78. Re: crsud process with security update 2013-001
    ds store Level 7 Level 7 (30,305 points)

    Xprotect and crsud have two different processes, connections/servers/times etc. on 10.6.8

     

    Screen shot 2013-04-09 at 7.16.08 AM.jpg

  • 79. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,220 points)

    They are two different processes, but from strings, above, it looks like they are meant somehow to work together or in sync at times. The full output of strings is in my post on the previous page; I may have missed some other references to XProtect.

  • 80. Re: crsud process with security update 2013-001
    baltwo Level 9 Level 9 (60,115 points)

    MadMacs0 wrote:

    Thanks baltwo. What system does that one come from. Looks to be identical to mine from ML.

    This is from SL. I've disabled crsud on it. Can't remember why, but it shouldn't affect anything.

  • 81. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,220 points)

    Can't remember why, but it shouldn't affect anything.

    I don't think crsud is harmful or privacy invading. If anything, it's meant to enhance security...somehow. Personally, I wouldn't have disabled it.

  • 82. Re: crsud process with security update 2013-001
    andyBall_uk Level 7 Level 7 (20,320 points)

    >>somehow

    by allowing certain updates regardless of who is using the computer, no?

     

    >>Hard to imagine it silently installing a security update

    but isn't that exactly what it did, albeit a simple script & .emptypayload ?

     

    btw - ...index-cr-lion[snowleopard]-1.sucatalog seems unavailable now - test completed, perhaps.

  • 83. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,220 points)

    >>somehow

     

    by allowing certain updates regardless of who is using the computer, no?

    But please explain. Why would it matter for this who is using the computer? Is it that you think this is vulnerable to being compromised by some kind of exploit and needs an informed user to prevent that?

  • 84. Re: crsud process with security update 2013-001
    baltwo Level 9 Level 9 (60,115 points)

    WZZZ wrote:

    I don't think crsud is harmful or privacy invading. If anything, it's meant to enhance security...somehow.

    Too much mommy Apple for me. I let Xprotect do its thing and that should be sufficient. I've disabled all autoupdaters on my machines on all OSs. I'm responsible enough to provide for my own security.

  • 85. Re: crsud process with security update 2013-001
    andyBall_uk Level 7 Level 7 (20,320 points)

    >>Is it that you think this is vulnerable to being compromised by some kind of exploit

    No

     

    >>Why would it matter for this who is using the computer?

    As I see it, the change allows 'critical' updates w/o confirmation or admin approval. They don't pop up in sw update where they can be dismissed, and will occur regardless of software update automatic checks being disabled.

  • 86. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,220 points)

    I'm responsible enough to provide for my own security.

    But you can't write your own security patches.

  • 87. Re: crsud process with security update 2013-001
    WZZZ Level 6 Level 6 (12,220 points)

    andyBall_uk wrote:

     

    >>Is it that you think this is vulnerable to being compromised by some kind of exploit

    No

     

    >>Why would it matter for this who is using the computer?

    As I see it, the change allows 'critical' updates w/o confirmation or admin approval. They don't pop up in sw update where they can be dismissed, and will occur regardless of software update automatic checks being disabled.

    I see what you're saying, but what if this is the only way going forward that Snow will be getting security updates? I guess we need to know more. I agree, I always like to wait a few days to see what trouble a security update might be causing. Set up this way, that will no longer be possible.

     

    Message was edited by: WZZZ

  • 88. Re: crsud process with security update 2013-001
    baltwo Level 9 Level 9 (60,115 points)

    WZZZ wrote:

    …but what if this is the only way going forward that Snow will be getting security updates?

    Then, Apple should be shot. Autoupdates w/o user intervention is beyond nuts.

  • 89. Re: crsud process with security update 2013-001
    andyBall_uk Level 7 Level 7 (20,320 points)

    >>what if this is the only way going forward that Snow will be getting security updates...I guess we need to know more.

    Yes indeed - I'd hope that Apple would say something if that became so.

1 4 5 6 7 8 Previous Next