And Leopard too

One day after releasing 10.4.11 and its accompanying security update, Apple has released 10.5.1 and an accompanying security update. Not surprisingly, 10.5.1 addresses the major reliability issues that have come up in Leopard’s first few weeks of shipping, and the security update addresses the major security issue that has come up: the built-in firewall. It does not appear to address the Back to My Mac security issue first brought to light here.


The 10.5.1 update itself does claim that it “improves the reliability of Back to My Mac-enabled Macs appearing in the Finder's Shared Sidebar.” However, we have confirmed here that Back to My Mac still usually bypasses the file and screen sharing password you set for the machine being shared. There is still no official word from Apple specifying this policy, as far as we’re aware.


The update release notes also claim fixes to the “application firewall.” The security update release notes go into more detail, with all three listed fixes being to that firewall:


  1. The “Block all incoming connections” setting for the firewall is misleading [they’ve renamed it to “Allow only essential services”].

  2. Processes running as user “root” (UID 0) cannot be blocked when the firewall is set to “Set access for specific services and applications” [they’ve fixed this].

  3. Changes to Application Firewall settings do not affect processes started by launchd until they are restarted [they’ve fixed this].


Apple has also significantly revised the application firewall tech note it published just a few days after Leopard shipped. Changes include:


  1. Mention that the firewall doesn’t protect AppleTalk.

  2. The fact that ipfw technology (used by previous built-in firewalls as well as our DoorStop X firewall) is still included and operates ahead of the application firewall.

  3. Details of the “essential services” that are never blocked by the built-in firewall (and thus require ipfw rules or a third-party firewall like ours for blocking). Specifically listed are configd (used for DHCP), mDNSResponder (used for Bonjour) and racoon (used for IPsec, a technology used in VPNs and Back to My Mac).

  4. More details about how code signing interacts with the firewall (which has apparently been changed to work better with applications like Skype, which previously broke).
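
Since the tech note now says ipfw still runs ahead of the application firewall and that configd, mDNSResponder and racoon are never blocked by it, here is an added example (written for this post, not Apple’s or DoorStop X’s code) of an ipfw ruleset that blocks those “essential services” at the packet layer instead. The port numbers are the standard ones for each protocol (mDNS on UDP 5353, IKE on UDP 500 and 4500, DHCP client on UDP 68); the rule numbers 1100–1120 are an arbitrary choice and are assumed to be unused on the target machine.

```shell
#!/bin/sh
# Added example: block Leopard's "essential services" with ipfw, which runs
# ahead of the application firewall. Not code from the original post.
# Rule numbers (1100-1120) are an assumption; pick free ones on your system.

# Print the ruleset, one `ipfw add` argument list per line.
essential_services_rules() {
    # mDNSResponder: Bonjour is multicast DNS on UDP 5353.
    echo "add 1100 deny udp from any to any dst-port 5353 in"
    # racoon: IKE on UDP 500, IKE/ESP NAT traversal on UDP 4500.
    # Blocking these also disables Back to My Mac, which rides on IPsec.
    echo "add 1110 deny udp from any to any dst-port 500 in"
    echo "add 1111 deny udp from any to any dst-port 4500 in"
    # configd: DHCP replies arrive on UDP 68. Left open on purpose, since
    # blocking it would stop the machine from getting an address at all.
    echo "add 1120 allow udp from any to any dst-port 68 in"
}

# Rule numbers used above, so the same script can remove them again.
essential_services_rule_numbers() {
    essential_services_rules | awk '{print $2}'
}

# Load the rules when running as root on a machine that has ipfw;
# otherwise just print the commands that would be run.
apply_rules() {
    if [ "$(id -u)" -eq 0 ] && command -v ipfw >/dev/null 2>&1; then
        essential_services_rules | while read -r rule; do
            # $rule is intentionally unquoted: ipfw wants separate words.
            # shellcheck disable=SC2086
            ipfw -q $rule
        done
        ipfw list
    else
        echo "# not root or ipfw not found; rules that would be loaded:"
        essential_services_rules | sed 's/^/ipfw /'
    fi
}

# Delete exactly the rules this script added, leaving any others alone.
remove_rules() {
    if [ "$(id -u)" -eq 0 ] && command -v ipfw >/dev/null 2>&1; then
        # shellcheck disable=SC2046
        ipfw -q delete $(essential_services_rule_numbers)
    else
        echo "# not root or ipfw not found; would delete rules:" \
            $(essential_services_rule_numbers)
    fi
}

case "${1:-apply}" in
    remove) remove_rules ;;
    *) apply_rules ;;
esac
```

Run it as root with no argument to load the rules and with `remove` to take them out again. Two caveats: ipfw rules live only in kernel memory, so they are gone after a reboot unless something (a launchd item, or a product such as DoorStop X) reloads them; and because these rules sit ahead of the application firewall, nothing in the Security preference pane will show that Bonjour or IPsec traffic is being dropped.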


It’s good to see that Apple realizes there are significant problems with Leopard’s built-in firewall, and has reacted quickly. There are probably more fixes to come, however.

Friday, November 16, 2007
