Not as bad as thought (Was: Major Tiger AppleScript security hole?)
Not as bad as thought (Was: Major Tiger AppleScript security hole?)
- Subject: Not as bad as thought (Was: Major Tiger AppleScript security hole?)
- From: Stephen Jonke <email@hidden>
- Date: Thu, 23 Jun 2005 11:40:56 -0400
Ok, it does work in the specific situation I described, and I'm not
sure it should, however, it does not work when logged in remotely as
that other user,. If you try to do that they you get the message:
kCGErrorRangeCheck : Window Server communications from outside of
session allowed for root and console user only
INIT_Processeses(), could not establish the default connection to
the WindowServer.Abort trap
And it doesn't do anything. So this at the least is not as bad as it
first seemed, and perhaps isn't a security risk at all. It only seems
to work if, while logged in, you su to a different user and then do
it from there. At least in so far as I've been able to tell so far.
Steve
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Applescript-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden