Re: Run Only
Re: Run Only
- Subject: Re: Run Only
- From: Chris Nebel <email@hidden>
- Date: Tue, 19 Dec 2000 15:24:21 -0800
- Organization: Apple Computer, Inc.
Rob Jorgensen wrote:
>
on open {theScript}
>
load script theScript
>
set sText to result as text
>
>
if sText contains "delete" or sText contains "trash" ...
>
>
Main question: Is there any way to use a script such as this to peek
>
inside a run-only script (is the script text stored in the
>
resources?), allowing it to perform a similar keyword check?
Sort of. AppleScript never stores the source text in a saved script, it
just saves enough information to let it reconstruct the source, assuming
all the terminology is still available. (This is why scripts turn into
raw event codes if an application goes missing.) A run-only script
strips out most of that information, leaving only enough to execute the
script. This happens to include the event codes, so you could, for
example, look for "fndrempt", which is the event code for the Finder's
"empty" verb. Of course, this requires grovelling through the scpt 128
resource as raw data -- not recommended for the faint of heart.
>
-- Begin related but off-topic shtuff --
>
>
On a similar note, FileMaker files are another source of concern for
>
the same reason. (Terrible trojan horse experiment trimmed)
Security is a real concern of ours, and it's something we'd like to
improve. Unfortunately, AppleScript was written without any sort of real
security model. AppleEvents have some security, but only when sending to
other machines. It's assumed that if the events are going to the same
machine, it's all under the user's control. In these days of
automatically downloaded software, of course, this isn't really true any
more.
Ultimately, it comes down to a question of verification and trust. For
any script you're going to run, you have to be able to answer:
1. Who's the author of this script, and how much do I trust them?
2. Did the claimed author *really* write it?
3. If so, is it still the same thing they sent out?
There are known techniques for answering these questions, but they either
aren't implemented in Mac OS yet, or require script authors to jump
through some very tough hoops. Once you can answer those three, you have
to decide what your policy is for various authors. Do you trust them
completely? Not at all? To do some things, but not others? The first
two are easy -- either you let the script run or you don't -- but the
third involves all sorts of tricky access control issues. It'll be a
while before we can seriously address all this.
In the meantime, use basic common sense (don't run attachments sent to
you by people you don't know!), and if you know how, go ahead and write
an AppleScript virus checker!
--Chris Nebel
AppleScript Engineering
References: | |
| >Run Only (From: Rob Jorgensen <email@hidden>) |