Re: Kernel extensions and code injection?
On 3/22/05 10:53 AM, Brian Kendall at bjk02@hampshire.edu wrote:

> Fortunately, the good news with any kernel extensions is that there's *NO* way to install them without the user knowing exactly what you're doing and without them typing in an administrator password, which is probably one of the main reasons we don't come across Mac OS X viruses.
>
> - Brian

You really think so? I don't think any commonly used installer for OS X exposes to the user what it is doing, unless the person who built it explicitly takes extra effort to make it do so [making it semi-pointless, because the end-user has to trust that the information is accurate].

If you need to do much of anything, like install files into /Library/ or even /Applications/, you need the user to bang in the password, and once they do that, all bets are off. Heck, even the authentication password entry dialog is easy enough to fake [i.e., the installer could install a phony application in /tmp, and have that application present the Auth dialog for example, which can verify the password by executing a test shell script].

Maybe it's more clear in 'darwin', because installers are non-GUI shell scripts that you can read before executing them... :-)

Later,

--
David Rehring
VP of Research and Development
Atimi Software, Inc.
www.atimi.com

Psychos do not explode when light hits them, no matter how crazy they are...
And totally insane guy!