Re: Unsafe handlers revisited - Now Fixed
- Subject: Re: Unsafe handlers revisited - Now Fixed
- From: "John C. Welch" <email@hidden>
- Date: Sun, 23 May 2004 04:39:53 -0500
On 5/23/04 2:59 AM, "Sander Tekelenburg" <email@hidden> wrote:
> Ran some tests...if you disable the disk and disks URI scheme in launch
> services, the Unsanity exploit fails to do anything.
>
> I hate to disappoint you but: only the one that uses the disk scheme schemes.
> There appear to be plenty more schemes that are more than willing to mount
> remote disk images. Already 2 POCs that use ftp have been published. Are you
> going to disable ftp too?

It opens up Transmit, and gives me a nice directory listing of the /idink
directory on unsanity.com. I'm sorry, was this expecting the Finder to
handle my FTP?
That doesn't strike me as a very reliable exploit, but if you haven't
changed anything, I imagine it could be.

> Read my update at
> <http://www.euronet.nl/~tekelenb/playground/security/URLschemes/>.

The other schemes don't work either. I find it simpler to just disable the
URI schemes or assign them to better applications. I don't see AFP being a
real problem here, but if someone wants to prove me wrong, by all means,
please do.

> The good news is that clearly none of this has anything to do with
> AppleScript (assuming the applescript: URL scheme is safe) so AppleScript's
> good name hopefully won't be trashed any further ;) So let's move this thread
> elsewhere. <news:comp.sys.mac.system> is appropriate.

The S/N ratio on newsgroups is utter garbage, so I gave up on them almost a
decade ago. Besides, this is appropriate to anyone developing on the Mac.
john
--
"Indentation?! -- I will show you how to indent when I indent your skull!"
- 9th most commonly uttered Klingon programmer phrase