Re: new venerability on macosxhints through Safari
Re: new venerability on macosxhints through Safari
- Subject: Re: new venerability on macosxhints through Safari
- From: roncross <email@hidden>
- Date: Wed, 19 May 2004 22:01:17 -0700
Sorry, I meant to write that I will try my best not to repeat it. thx
RLC
As far as I know, I have not broken any rules. If I have broken any
rules, please point it out to me and I will not try my best to not
repeat it.
On May 19, 2004, at 9:57 PM, roncross wrote:
I am not trying to be rude. I am only try to inform people of the
venerability's of certain security risk. Sure the first post was a
malicious applescript that someone wrote and hid it in an icon to wipe
out the home directory of suspected users. What did I learn from this
lesson? Backup, backup, backup and don't download from non-trusted
and p2p sites.
Actually, after digging into the helper protocol further, the problem
was not with the OpnApp.scpt. the problem is with the protocol helper
allowing someone to exploit it through writing a script. Apple is
working hard to fix this one by now.
As for rights, what I simply meant is that as long as I follow the
rules - like everyone else, I can post just like all the other members
on the list. As far as I know, I have not broken any rules. If I
have broken any rules, please point it out to me and I will not try my
best to not repeat it. I looked for the list of rules, but I am not
able to find them. Maybe you can point me in the right direction.
thx
RLC
On May 19, 2004, at 8:16 PM, John C. Welch wrote:
On 5/19/04 9:30 PM, "roncross" <email@hidden> wrote:
This is just to point out the fact that applescript can be used in a
malicious manner or used inappropiately. I have a right to post this
whether you agree with it or not. Whether you like it or not. If
you
don't agree with it, then don't read it and move on as you would put
it.
The same can be said of ANY programming language from AppleScript to
Assembly and all levels in between.
The implication that AppleScript somehow makes this worse or better
of an
exploit is incorrect. Applescript is a programming language, and as
such is
precisely as dangerous as the person using it. ObjC is quite
dangerous in
the wrong hands, as is a good assembler.
Your 'rights' have nothing to do with anything, and speaking
pedantically,
on a private list, you have no rights other than what the list
management
chooses to give you. That's just communication noise.
I'm just glad that the list serv stripped out the four image
attachements
that you felt everyone on this list needed to download and view.
john
--
"Kill one, terrify a thousand."
- Sun Tzu
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.
thanks
Ronald Cross
thanks
Ronald Cross
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.