Re: AppleScript & HTML Again...
- Subject: Re: AppleScript & HTML Again...
- From: "John C. Welch" <email@hidden>
- Date: Thu, 25 Mar 2004 23:38:36 -0600
On 3/25/04 10:04 PM, "Gary (Lists)" <email@hidden> wrote:
> > I don't *care* what the target is. I can't see the source and verify its
> > safety, or lack thereof for myself. Ergo the risk is unacceptable.
>
> Bunk. Again.
>
> You can't see the code of MOST programs. That doesn't stop you from using
> them.

No. But when they connect running applications to HTML code, they better
spell out exactly how that connection is created.
No. But when they connect running applications to HTML code, they better
spell out exactly how that connection is created.
>
> You clearly don't know what Missing Link is -- or is not -- since you
> already said that you didn't even use it, presumably because you couldn't
> "verify the code" (and who are you to verify code anyway?)

When it runs on a machine on a network I have administrative responsibility
for, it's MY JOB to do my best to make sure that I know what that
application is going to do ESPECIALLY when it has the potential for problems
that this does.
>
> Anyway, this kind of know-nothing banter is partly why Peter has such a cool
> tool and little audience. Threads on the topic get so muddled with everybody
> who has two PCs and a printer thinking they're a network administrator and
> preaching security -- and then publishing the fact that they didn't even try
> to software.
>

Try again, dude... I'm talking about Macs on an enterprise network, not
someone's home office. Security is a way of life. It was worse at MIT, when
I worked for central IS there. I did look at the software, started it up
(at least it's not opening ports, thank god). But the lack of explicit
security thought is not a minor issue to me, and to a lot of people. I deal
with the results of one company's bad security practices every day. It's not
a minor problem.
> If you have a real concern, then spell it out clearly. Otherwise, step back
> and let Peter and others have their say about how it actually _works_.

I have. How does this application prevent someone from beating on it until
the URL structure is really well known, then using remote JavaScript from a
web site to connect to an application on the Mac and doing damage?
I don't know. It's not in the release notes. It's not in the docs. I can't
see the source, so that avenue is denied to me.
So what I have is an application that allows execution of local applications
or scripts via a URL scheme of unknown security, that may or may not be
vulnerable to remote attacks from scurrilous web sites.
The problem is, reading back on Peter's statements:
"Again, I stress that ML is intended for local use only. However, there
are certain safeguards 'built in'. The user may choose a unique name for
the protocol."
That's security via obscurity. Remember, you don't need a LOT of success to
do damage. A couple hundred machines out of a couple thousand attempts will
work.
"Any link that is not prefixed by the proper protocol name
will be ignored by the ML 'engine'."
"Hey guys, I'm really having a hard time with Missing Link, could someone
provide me examples of how they're using it?"
Congratulations, examples of proper protocol names have been provided. If
one person using Missing Link is doing it that way, they probably aren't
alone. In this case, patience reaps rewards.
"It is, in a sense, a passworded protection."
It is nothing of the sort. It's obfuscation protection.
"Additionally, the engine only handles links with addresses absolute or
relative to the local machine(s). If it's fed an improperly addressed link,
it errors and quits. Relative links are relative only to user created and
uniquely named folders or items within the Application Support folder."
You mean like:
/usr/bin/osascript?
That's a VERY handy little absolute file address. Guess what I can do with
access to that? What protection against that kind of absolute file path is
there?
Now, if there were some code in this forcing an actual password, that would
work for me. Not a "kinda" password, but an actual password. Hey, store it
in the keychain, that's fine too. But something besides relying on luck.
AppleScript is not just some silly script language. It has hooks into
everything, and *anytime* you seek to extend those hooks you MUST think of
how to keep that code from doing evil. I'm sorry that the world is like
that, but that's just the way it is. Maybe if MS had thought about that a
LITTLE more, we wouldn't have the virus du jour hammering email servers and
screwing things up for all of us.
john
--
Some days, you just have to pimp-slap people with the hard, cold glove of
reality.
john c welch
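The two safeguards argued over above (a uniquely named protocol versus an actual secret, and "relative to a folder in Application Support" versus an absolute path such as /usr/bin/osascript) can be made concrete. The following is an added example and is not Missing Link's code or anything from the list; the scheme name `mlexample`, the base folder, the token and the `resolve_link`/`classify` helpers are all constructed for illustration.

```python
import hmac
from pathlib import Path, PurePosixPath
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed settings for this illustration (not Missing Link's real ones):
# a made-up scheme name and a base folder standing in for a per-user
# "Application Support" subfolder the handler is allowed to serve from.
SCHEME = "mlexample"
BASE_DIR = Path("/tmp/ml-demo/Application Support/MLExample")
# A real secret belongs in the keychain; this is a constructed demo value.
SHARED_TOKEN = "constructed-token-for-demo"

class LinkRejected(ValueError):
    """Raised for any link the engine must refuse to act on."""

def resolve_link(url: str, base_dir: Path = BASE_DIR,
                 token: str = SHARED_TOKEN) -> Path:
    """Return the file a link may point at, or raise LinkRejected.

    Checks, in order: scheme name, an exact secret token, no absolute
    path, no '..' traversal, and the resolved path must stay under base_dir.
    """
    parts = urlsplit(url)
    if parts.scheme != SCHEME:
        raise LinkRejected("scheme mismatch")
    supplied = parse_qs(parts.query).get("token", [""])[0]
    # Constant-time comparison: the scheme name is not a secret, the token is.
    if not hmac.compare_digest(supplied.encode(), token.encode()):
        raise LinkRejected("missing or wrong token")
    # "mlexample://scripts/x.scpt" splits into netloc "scripts" + path "/x.scpt";
    # joining them back (after %-decoding) gives the path the link author wrote.
    rel = PurePosixPath(unquote(parts.netloc + parts.path))
    if not rel.parts or rel.is_absolute() or ".." in rel.parts:
        raise LinkRejected("absolute or traversing path")
    target = (base_dir / rel).resolve()
    if base_dir.resolve() not in target.parents:
        raise LinkRejected("escapes base folder")
    return target

def classify(url: str) -> str:
    """Summarise a link as 'ok:<relative path>' or 'rejected:<reason>'."""
    try:
        target = resolve_link(url)
    except LinkRejected as exc:
        return f"rejected:{exc}"
    return "ok:" + target.relative_to(BASE_DIR.resolve()).as_posix()
```

Note that the scheme name alone is checked first but is not treated as the secret; a link that carries the right name but no token, an absolute path, or a `..` segment is refused before anything is resolved.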
_______________________________________________
applescript-users mailing list | email@hidden