| |
mamamusings: serious os x 10.3 security problem
by Decius at 9:17 am EDT, May 19, 2004 |
] Essentially, Mac browsers (including Safari, Mozilla, and
] Firefox) are all designed to launch the Help Viewer
] program when the help: protocol is invoked in a web link.
] Unfortunately, the Help Viewer program, in turn, is able
] to run scripts. What this means is that a malicious user
] can set up a page with an automatic redirect that runs a
] dangerous script. More details for the tech-minded can be
] found on this MacNN thread. And if you want a terrifying
] (but harmless) example of this, go to
] http://bronosky.com/pub/AppleScript.htm. It will launch
] Terminal and run a harmless du command |
mamamusings: serious os x 10.3 security problem
by k at 9:38 am EDT, May 19, 2004 |
] Essentially, Mac browsers (including Safari, Mozilla, and
] Firefox) are all designed to launch the Help Viewer
] program when the help: protocol is invoked in a web link.
] Unfortunately, the Help Viewer program, in turn, is able
] to run scripts. What this means is that a malicious user
] can set up a page with an automatic redirect that runs a
] dangerous script. More details for the tech-minded can be
] found on this MacNN thread. And if you want a terrifying
] (but harmless) example of this, go to
] http://bronosky.com/pub/AppleScript.htm. It will launch
] Terminal and run a harmless du command [ damn. that sucks. -k] |
There is a redundant post from Rattle not displayed in this view.
|
|
