Scott Anguish of
Stepwise says there’s a “serious security exploit” in Mac OS X 10.1 and previous versions of the operating system.
“Using this exploit any user at the Desktop can gain root access to the machine,” he writes. “This is a serious problem, and works even if the root user has never been enabled on the machine. Apple will need to release an update to Mac OS X 10.1 to ensure that this exploit is closed. Apple is aware of this issue, and a fix is already in progress.”
Anguish explains the problem, how it can be demonstrated, and offers more details in his article.