Re: Run Only
- Subject: Re: Run Only
- From: Rob Jorgensen <email@hidden>
- Date: Tue, 19 Dec 2000 22:12:53 -0500
On 12/19/2000, Chris Nebel commented on "Re: Run Only":

> Rob Jorgensen wrote:
>> Main question: Is there any way to use a script such as this to peek
>> inside a run-only script (is the script text stored in the
>> resources?), allowing it to perform a similar keyword check?
>
> Sort of. AppleScript never stores the source text in a saved script, it
> just saves enough information to let it reconstruct the source, assuming
> all the terminology is still available. (This is why scripts turn into
> raw event codes if an application goes missing.) A run-only script
> strips out most of that information, leaving only enough to execute the
> script. This happens to include the event codes, so you could, for
> example, look for "fndrempt", which is the event code for the Finder's
> "empty" verb. Of course, this requires grovelling through the scpt 128
> resource as raw data -- not recommended for the faint of heart.

Ok, thanks. I just did some quick testing and was able to script the
reading of the resource, and then search for, and find, "fndrempt" in
the result. Now I'll just need to do some research to learn the event
codes for other possible "harmful events". This just might work. :-)

> -- Begin related but off-topic shtuff --
> On a similar note, FileMaker files are another source of concern for
> the same reason. (Terrible trojan horse experiment trimmed)

Yes, I know it was terrible, and let me make it clear that it was for
my test purposes only. The file never left my computer, and it never
will.
<snip the great explanation regarding security>
Thanks for reminding everyone about the common sense approach one
needs to take when contemplating the use of unknown files. Virus
checking programs are great, but they can't always be expected to
catch everything, and they are no substitute for common sense. This
is why I am inspired to do some digging on my own. :-)

> In the meantime, use basic common sense (don't run attachments sent to
> you by people you don't know!), and if you know how, go ahead and write
> an AppleScript virus checker!

Well, I don't know how, but I'm going to pursue this and see what
type of script I can come up with which will analyze the contents of
a script (particularly run-only) before running it.
Thanks for your feedback.
Later,
Rob Jorgensen
Ohio, USA

References:
- Run Only (From: Rob Jorgensen <email@hidden>)
- Re: Run Only (From: Chris Nebel <email@hidden>)
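
The check discussed in this thread, written out as an added example (it is not code from either poster): it walks a classic Mac OS resource fork to the `scpt` 128 resource and reports where watchlisted event codes occur in its raw data. It assumes the fork's bytes have already been read into memory; the function names and `build_sample_fork` are hypothetical, the sample fork is constructed, and `fndrempt` is the only code taken from the thread.

```python
import struct

# Only "fndrempt" comes from the thread; add codes you have verified yourself.
WATCHLIST = {b"fndrempt": "Finder 'empty' verb"}

def find_resource(fork: bytes, rtype: bytes, rid: int) -> bytes:
    """Return one resource's data from a classic Mac OS resource fork."""
    try:
        data_off, map_off = struct.unpack_from(">II", fork, 0)
        # Map: 16-byte header copy + 8 reserved bytes, then type-list offset.
        tlist = map_off + struct.unpack_from(">H", fork, map_off + 24)[0]
        ntypes = (struct.unpack_from(">H", fork, tlist)[0] + 1) & 0xFFFF
        for i in range(ntypes):
            t, last, refs = struct.unpack_from(">4sHH", fork, tlist + 2 + 8 * i)
            if t != rtype:
                continue
            for j in range(last + 1):
                res_id, _name, packed = struct.unpack_from(
                    ">hHI", fork, tlist + refs + 12 * j)
                if res_id == rid:
                    start = data_off + (packed & 0xFFFFFF)  # low 3 bytes
                    (length,) = struct.unpack_from(">I", fork, start)
                    if start + 4 + length > len(fork):
                        raise ValueError("resource runs past end of fork")
                    return fork[start + 4:start + 4 + length]
    except struct.error as exc:  # truncated or hostile input
        raise ValueError(f"malformed resource fork: {exc}") from None
    raise KeyError(f"no {rtype!r} resource with ID {rid}")

def scan_script(fork: bytes) -> list:
    """Return sorted (offset, code, meaning) hits inside the 'scpt' 128 resource."""
    body, hits = find_resource(fork, b"scpt", 128), []
    for code, meaning in WATCHLIST.items():
        pos = body.find(code)
        while pos != -1:
            hits.append((pos, code.decode("ascii"), meaning))
            pos = body.find(code, pos + 1)
    return sorted(hits)

def build_sample_fork(body: bytes) -> bytes:
    """Constructed input: a minimal fork holding a single 'scpt' 128 resource."""
    data = struct.pack(">I", len(body)) + body
    # One type entry (refs at +10), one reference: ID 128, no name, offset 0.
    refs = struct.pack(">H4sHHhHI4x", 0, b"scpt", 0, 10, 128, 0xFFFF, 0)
    header = struct.pack(">IIII", 16, 16 + len(data), len(data), 28 + len(refs))
    return header + data + header + struct.pack(">8xHH", 28, 28 + len(refs)) + refs
```

A hit only shows that the byte sequence is present in the resource, so treat it as a reason to inspect the script further rather than as proof of what it does.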