Re: Security Update [Was: Re: Script Library Search Order]
Re: Security Update [Was: Re: Script Library Search Order]
- Subject: Re: Security Update [Was: Re: Script Library Search Order]
- From: Chris Page <email@hidden>
- Date: Thu, 21 Jan 2016 18:02:15 -0800
> On Jan 20, 2016, at 5:58 AM, has <email@hidden> wrote:
>
> Martin Orpen wrote:
>
>> Today’s Security Update:
>>
>> OSA Scripts
>> Available for: OS X El Capitan v10.11 to v10.11.2
>> Impact: A quarantined application may be able to override OSA script
>> libraries installed by the user
>> Description: An issue existed when searching for scripting
>> libraries. This issue was addressed through improved search order and
>> quarantine checks.
>> CVE-ID
>> CVE-2016-1729 : an anonymous researcher
>
> [The System/Security Update] just means user-installed libraries can now accidentally mask library-supplied ones...
Was “library-supplied” supposed to be “application-supplied”?
> ...plus searching every .app bundle _automatically_ makes the initialization process needlessly slow/stale.
Have you observed a specific performance issue with library lookup on 10.11-10.11.2 that you can report? There are several strategies in place to make it efficient.
If so, have you compared the performance with the 10.11.3 version? It should be even faster than before, so if there was a performance issue it should have been resolved.
--
Chris Page
The other, other AppleScript Chris
_______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users
This email sent to email@hidden