Adobe Photoshop CS2 ver 9.0

By: Scott Doenges - Revised: 2007-06-08 richard

Adobe Photoshop CS2 Iconhttp://www.adobe.com/products/photoshop/main.html

Photoshop CS2 literally has thousands and thousands of files that have risky permissions for a multi user environment. Rather than list them all here we have chosen to just highlight some that are particularly glaring. Keep in mind these security risk audits were done after applying all updates availiable from Adobe as of April 2006.

The following is of files and directories that have bad permissions, or in the case of certain directories we listed them because they contain files that have bad permissions.
  • mode x777, perm symbols -rwxrwxrw

    ./Applications/Adobe Photoshop CS2/
    ./Applications/Adobe Bridge/Bridge.app/Contents/
    ./Applications/Adobe Photoshop CS2/Adobe ImageReady CS2.app
    ./Applications/Adobe Photoshop CS2/Adobe Photoshop CS2.app
    ./Library/Application Support/Adobe/
    ./Library/ScriptingAdditions/Adobe Unit Types
    ./Users/mac/Library/Caches/Cleanup At Startup
    ./private/var/root/Library/Caches

  • mode x666, perm symbols -rw-rw-rw

    ./Applications/Adobe Bridge/Bridge.app/Contents/Frameworks/
    ./Applications/Adobe Bridge/Bridge.app/Contents/Libraries/
    ./Applications/Adobe Bridge/Bridge.app/Contents/Plugins/
    ./Applications/Adobe Bridge/Bridge.app/Contents/Resources/
    ./Applications/Adobe Photoshop CS2/Adobe ImageReady CS2.app/Contents/
    ./Applications/Adobe Photoshop CS2/Adobe Photoshop CS2.app/Contents/
    ./Applications/Adobe Photoshop CS2/Legal.localized/
    ./Library/Application Support/Adobe/
    ./Library/Application Support/Adobe/AdobeHelpData/
    ./Library/Application Support/Adobe/Installer/Logs/
    ./Library/Application Support/Adobe/Updater/
SetUID, or SUID special mode bits are a security risk, especially when the owner is the root user and should not be used unless absolutely necessary. When a user executes a file that has the SUID bit set, the program runs with the system access permissions of the user who owns that program and not with the permissions of the user who executed it. SetUID Special Mode Bits are defined where executables run with the owner permissions.
  • mode: 4xxx, perm symbols: ---S------

    ./Library/Application Support/Adobe Systems/1.21.005/Adobe LM Service 4755