Security Update 2007-004 Special Report: Files modified by this update

Security Update 2007-004 is relatively far-reaching update. Though it modifies only a handful of user-level applications, it makes changes to kernel extensions used for wireless networking with AirPort hardware, the programs for mounting various network volumes, and a number of other key system components. A partial list of modified files is follows:

/Applications

• Installer.app (for installing Mac OS X applications)

/sbin

• mount_smbfs (used to mount SMB [Samba] shares)
• mount_afp (used to mount AFP [Apple filesharing protocol] shares)
• fsck (the program for checking the consistency of and repairing Mac OS X filesystems)
• mount_webdav (used to mount WebDAV shares like the .Mac iDisk)

/System/Library/CoreServices

• Help Viewer.app (for viewing standard help files)
• loginwindow.app (manges user login)

/System/Library/Extensions (files stored here are kernel extensions -- items that are used to interact through an abstraction layer with the Mac OS X kernel, and can be implicated in kernel panics and other issues)

• webdav_fs.kext (used for interacting with WebDAV filesystems)
• AppleAirPort.kext (used for driving built-in AirPort hardware)
• smbfs.kext (used for interacting with SMB filesystems)
• IOHIDFamily.kext (used for mounting disk images)

/System/Library/Filesystems

• URLMount (used for mounting filesystems through URLs)
• webdav.fs (used for interacting with WebDAV filesystems)
• AppleShare (used for mounting filesystems through AppleShare0
• smbfs.fs (used for mounting SMB filesystems)

/System/Library/Frameworks

• CoreServices.framework
• Kerberos.framework (this is a framework used for network service authentication; hence it can be implicated in problems logging into servers and other issues)
• AppleShareClient.framework
• System.framework
• AppleShareClientCore.framework

/usr/bin

• fetchmail
• gnutar (for working with tar compressed files)
• kpasswd (associated with kerberos services)
• smbutil (used in access to SMB shares)

As with all significant updates, it is important to take note of which files are modified by Security Update 2007-004 so that if a problem occurs after its installation, you can reasonably surmise whether or not there is a potential that the update was culpable. For instance, the update has caused issues with AirPort connectivity for a number of users -- a problem that can potentially (albeit not necessarily) be linked to the update's modification of the AirPort kernel extension: /System/Library/Extensions/AppleAirPort.kext.

The update has also posed serious issues with login, which may be associated with modifications to /System/Library/CoreServices/loginwindow.app

Finally, users have experienced issues with accessing network volumes, problems that could be tied to modifications made to SMB and AFP components, as well as changes to the kerberos authentication architecture.

Index:

• Release notes, update recommendations
• Common fixes
• Files modified by this update

• Active Directory login issues
• AirPort connectivity issues, fixes
• Cannot connect to local servers (Error -35)
• Files in Finder cannot be renamed
• Flash playback not working
• FTP security issue
• Login problems: users cannot login after update

Resources