Monday, October 12, 2009

This is why I don't do early OS X updates

Some people soar over the battlefield of life. They ride the soft thermals ... until they crash and die.

But we won't go there.

That's not me. On the field of life I'm infantry. It's ok, I've got lots of company.

So I just know that this 10.6 bug would have whacked me ...
More on Snow Leopard deleting user accounts after guest login | MacFixIt - CNET Reviews
... The problem seems to happen only when guest accounts were enabled for login under Leopard before updating to Snow Leopard...
It's quite a bug. It's a bit like a personal version of the Danger Microsoft Sidekick --log out and your data is gone. (Though it's perhaps possible to resurrect it, and everyone has backups ... Right?)

Good thing I still remember my scars from 10.4 and 10.5. So while we do use guest accounts on 10.5, we weren't affected because... we're still on 10.5.

There are some good things about 10.6. I'm looking forward to updating my MacBook around March 2010.

Apple needs to start doing open beta testing and give up on making their OS X releases great big secrets.

Update 10/13/09

Regarding the "Guest" account data loss issue, the symptoms sound very similar to those affecting Leopard users until the release of 10.5.5. Given the similarities, one might suspect the reuse of buggy code.

The 10.5 flaw actually had two facets - one is that the wrong home folder may be deleted. The other is that the same flaw permits login to non-Guest accounts without a password. See CVE-2008-3610 here:

About the security content of Mac OS X v10.5.5 and Security Update 2008-006
Description: A race condition exists in Login Window. To trigger this issue, the system must have the Guest account enabled or another account with no password. In a small proportion of attempts, an attempt to log in to such an account will not complete. The user list would then be presented again, and the person would be able to log in as any user without providing a password. If the original account were the Guest account, the contents of the new account will be deleted on logout. This update addresses the issue by properly clearing Login Window state when the login does not complete. This issue does not affect systems prior to Mac OS X v10.5.

Based on reports on the web, it appears that both aspects are present in Snow Leopard, and some users claim to have established the requirements for reproducibility. I don't have Snow Leopard so unfortunately can't test things for myself, but because of the implications, will refrain from posting a link to instructions. If confirmed, the key point would be that unlike Apple's assurances that it is something that occurs only in extremely rare cases, it may well be something that is guaranteed to be triggered based on a specific sequence of events, the likelihood of which may not be so "extremely rare" depending on an individual's habits.

Regardless, since the file deletion appears to be directly tied to the resetting feature of the "Guest" account, disabling GUI login for "Guest" should prevent that aspect from being triggered, and not having any passwordless accounts enabled (including "Guest") should take care of the other

I'd disabled the Guest account on my 10.5 machine, but based on this post I didn't have too. This was fixed for 10.5. Interesting that it could also hit accounts that have no password (eg. my mother's).

Pretty depressing if Apple restored a 10.5 bug of this magnitude in 10.6.

No comments: