Re: disk:// and help:// security problems
- Subject: Re: disk:// and help:// security problems
- From: Jonathan Wight <email@hidden>
- Date: Mon, 17 May 2004 23:58:32 -0400
On May 17, 2004, at 21:53, Allan Odgaard wrote:
> As a programmer I would say it's not a bug it's a feature.
>
> If you don't like it, just turn it off ("Open 'safe' files after
> download").
>
> And pay attention to rule 1: Never download from a source you can't
> trust.
>
> Did you read the exploit? I can post an innocent-looking http link
> to this forum, and by clicking it (w/o taking further actions) you
> allow me to execute custom code on your machine.
Actually that's slightly incorrect I believe. You need two URLs: one to
download a malicious AppleScript and then the help:// URL to cause it
to execute.
Also the user must have auto-open 'safe' downloads turned on _and_ have
his/her download location known to the attacker (probably ~/Desktop).
Technically you can get rid of the first URL if there are already
inadvertently malicious AppleScripts installed as part of a basic Mac
OS X installation. But I'd be surprised if any default Mac OS X
AppleScripts would be anything other than annoying/inconvenient.
Jon.
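As an added illustration of the two-URL precondition Jon describes (an example written for this archive page, not code from the thread or from Apple): a small Python scanner that flags a page carrying both a link that downloads an AppleScript and a help:// or disk:// link handled outside the browser. The `.scpt`/`.applescript` extensions, the `example.invalid` host and the sample HTML are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Schemes the thread discusses: help:// and disk:// are dispatched to
# local helper applications rather than rendered by the browser.
LOCAL_HANDLER_SCHEMES = {"help", "disk"}
# Assumption: AppleScript downloads are recognised by file extension.
SCRIPT_EXTENSIONS = (".scpt", ".applescript")

# Constructed sample pages (example.invalid is a reserved placeholder).
SAMPLE_ATTACK_HTML = """<html><body>
<a href="http://example.invalid/downloads/helper.scpt">free tool</a>
<a href="help://placeholder-help-link">read the docs</a>
</body></html>"""
SAMPLE_BENIGN_HTML = """<html><body>
<a href="http://example.invalid/docs/index.html">read the docs</a>
<a href="http://example.invalid/downloads/notes.txt">notes</a>
</body></html>"""


class LinkCollector(HTMLParser):
    """Collect every href/src attribute value found in the page."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value:
                self.links.append(value.strip())


def analyse_page(html):
    """Return the links of each kind and whether both stages are present."""
    collector = LinkCollector()
    collector.feed(html)
    findings = {"local_handler_links": [], "script_downloads": []}
    for link in collector.links:
        parsed = urlparse(link)
        if parsed.scheme.lower() in LOCAL_HANDLER_SCHEMES:
            findings["local_handler_links"].append(link)
        elif parsed.path.lower().endswith(SCRIPT_EXTENSIONS):
            # Relative links (no scheme) still count as a download.
            findings["script_downloads"].append(link)
    # Both a script download and a local-handler link on one page is the
    # two-stage pattern the thread describes; either alone is just noise.
    findings["matches_two_stage_pattern"] = bool(
        findings["local_handler_links"] and findings["script_downloads"]
    )
    return findings
```

A page that matches is worth a closer look, not proof of an exploit; the remaining preconditions (auto-open of 'safe' files, a predictable download folder) live on the client, not in the HTML.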
cocoa-dev mailing list | email@hidden