Unsafe handlers revisited
- Subject: Unsafe handlers revisited
- From: Michelle Steiner <email@hidden>
- Date: Fri, 21 May 2004 10:24:39 -0700
Check out this site:
http://daringfireball.net/2004/05/unsafe_uri_handlers
Disabling Unsafe URI Handlers With RCDefaultApp
Thursday, 20 May 2004
The crux of the Mac OS X security advisory announced earlier this week
is that certain of the system's default handlers for custom URI
protocols expose exploitable security holes.
- The "help:" protocol, by default assigned to Help Viewer, can be used
  to execute script files at a known path location on your computer.
- The "disk:" and "disks:" protocols, by default assigned to
  DiskImageMounter, allow disk images to be mounted in your file system
  automatically.
The basic idea behind the exploit is that a malfeasant could set up a
web page that (a) mounts a disk image on your system, and then (b) uses
the "help:" protocol to trick Help Viewer into executing a malicious
script at a known path location on the disk image volume automatically
mounted in step (a).
This is for real, and potentially nasty. I have yet to see any reports
of the exploit actually being used maliciously, but it's worth
protecting against. Here are a few simple things you can do to protect
your system:
1. Download RCDefaultApp, a free System Prefs panel from Rubicode. Install
   it in the PreferencePanes folder in your Library folder.
2. Open System Prefs, then open the new Default Apps panel.
3. Click on the "URLs" tab.
4. Set the "disk:", "disks:", and "help:" protocols to "<disabled>".
Update: You should also disable the "telnet:" protocol; see here for
details.
You should also open Safari's preferences, and turn off the checkbox
"Open 'safe' files after downloading"; when turned on, this setting
allows disk images to be mounted automatically.
The fact that Help Viewer can execute scripts specified via "help:"
protocol URIs is a feature that ostensibly allows for the creation of
somewhat interactive help books. E.g. an application's help book could
contain an AppleScript, linked from the help book's HTML, that would
illustrate some particular point. However, I'm unaware of any help
books that actually use this feature.
Disabling the "help:" URI protocol's connection to Help Viewer will not
affect your normal use of the Help Viewer application.
Why RCDefaultApp
MisFox and More Internet are similar utilities to RCDefaultApp, and are
also both free, but there is an important difference. MisFox and More
Internet both only show URI protocols registered through the Internet
Config system; RCDefaultApp also shows protocols registered directly
through Launch Services.
As I noted a few weeks ago in "Fixing Corrupt Preferences for Default
Internet Helpers", Internet Config is a set of APIs that dates back to
System 7. On Mac OS X, the Internet Config APIs are still supported,
but they're just a layer on top of Launch Services. From Apple's
"Internet Config Reference Introduction":
Mac OS X applications should employ Launch Services and System
Configuration for managing Internet preferences. In Mac OS X, Internet
Config calls through to these newer APIs. Using them directly increases
your application's efficiency.
The "disk:" and "disks:" protocols are registered directly in Launch
Services, which means they aren't displayed in MisFox or More Internet.
I.e., RCDefaultApp shows all the protocol handlers registered on your
system; MisFox and More Internet only display the protocols that are
registered through Internet Config.
Plus, version 1.1 of RCDefaultApp, released earlier this week,
introduced the feature that allows you to assign a protocol to
"<disabled>". This is a more elegant solution than assigning these
protocols to dummy applications, such as Mac OS X's Chess game.
--
Don't anthropomorphize computers. They hate that.
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.
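The post above checks the four risky schemes by eye in a preference pane. As an added example (not from the quoted article, the mailing-list poster, or RCDefaultApp), the script below shows how a defender could audit the same schemes from a Launch Services handler list instead: it parses the LSHandlers array layout used by the LaunchServices preferences plist (entries keyed by LSHandlerURLScheme and LSHandlerRoleAll) and reports, for "help:", "disk:", "disks:" and "telnet:", whether an explicit override exists or the system default handler still applies. The plist embedded here is a constructed sample with made-up bundle identifiers; on a real machine you would load the user's LaunchServices preferences file, whose path the post does not give and which is left as an assumption to fill in. What RCDefaultApp itself writes for "<disabled>" is not described on the page, so the script only distinguishes "explicitly overridden" from "not overridden".

```python
"""Audit URL-scheme overrides in a LaunchServices-style handler list.

Added example, not part of the original post or of RCDefaultApp.
Assumptions: the LSHandlers / LSHandlerURLScheme / LSHandlerRoleAll key
layout, a constructed sample plist, and invented bundle identifiers.
"""
import plistlib
from typing import Dict, List, Optional

# The schemes the 2004 advisory and the post's update call out.
RISKY_SCHEMES = ("help", "disk", "disks", "telnet")

# Constructed sample: "disk:" and "disks:" have been pointed at a dummy
# application, "mailto:" at a mail client, and "help:"/"telnet:" have no
# override at all. Bundle identifiers are made up for this example.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>LSHandlers</key>
  <array>
    <dict>
      <key>LSHandlerURLScheme</key><string>disk</string>
      <key>LSHandlerRoleAll</key><string>com.example.dummy-app</string>
    </dict>
    <dict>
      <key>LSHandlerURLScheme</key><string>disks</string>
      <key>LSHandlerRoleAll</key><string>com.example.dummy-app</string>
    </dict>
    <dict>
      <key>LSHandlerURLScheme</key><string>mailto</string>
      <key>LSHandlerRoleAll</key><string>com.example.mailclient</string>
    </dict>
  </array>
</dict>
</plist>
"""


def scheme_overrides(plist_bytes: bytes) -> Dict[str, str]:
    """Return {scheme: bundle id} for every explicit URL-scheme override.

    Entries that describe content types rather than URL schemes have no
    LSHandlerURLScheme key and are skipped.
    """
    data = plistlib.loads(plist_bytes)
    overrides: Dict[str, str] = {}
    for entry in data.get("LSHandlers", []):
        scheme = entry.get("LSHandlerURLScheme")
        handler = entry.get("LSHandlerRoleAll")
        if scheme and handler:
            overrides[scheme.lower()] = handler
    return overrides


def audit(plist_bytes: bytes, risky=RISKY_SCHEMES) -> Dict[str, Optional[str]]:
    """Map each risky scheme to its override bundle id, or None if there is none.

    None means no explicit override is recorded, so whatever application
    registered the scheme (Help Viewer for help:, DiskImageMounter for
    disk:/disks: per the post) still handles it.
    """
    overrides = scheme_overrides(plist_bytes)
    return {scheme: overrides.get(scheme) for scheme in risky}


def not_overridden(plist_bytes: bytes, risky=RISKY_SCHEMES) -> List[str]:
    """Return the risky schemes that still fall through to the default handler."""
    return [scheme for scheme, handler in audit(plist_bytes, risky).items()
            if handler is None]


if __name__ == "__main__":
    for scheme, handler in audit(SAMPLE_PLIST).items():
        state = f"overridden -> {handler}" if handler else "NOT overridden (system default applies)"
        print(f"{scheme + ':':<8} {state}")
    print("Still needing attention:", ", ".join(not_overridden(SAMPLE_PLIST)) or "none")
```

Run against the constructed sample, the report shows "disk:" and "disks:" pointed at the dummy application while "help:" and "telnet:" are flagged as not overridden, which is exactly the state the post's step 4 and its update are meant to correct.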