Title: Re: [off] First major security exploit in OS X
You remember incorrectly, Remo, and offer a solution that's worse. Go read this link, as Peter recommended:
http://www.euronet.nl/~tekelenb/playground/security/diskURLscheme/
As Peter says, it's the best explanation on the subject.
--
Paul Berkowitz
From: Remo Del Bello <[EMAIL PROTECTED]>
Reply-To: "Entourage:mac Talk" <[EMAIL PROTECTED]>
Date: Fri, 21 May 2004 18:37:49 -0700
To: "Entourage:mac Talk" <[EMAIL PROTECTED]>
Subject: Re: [off] First major security exploit in OS X
On 5/21/04 7:11 AM, Peter C.S. Adams deftly typed out:
> Here is the best explanation I have found on the subject:
>
> http://www.euronet.nl/~tekelenb/playground/security/diskURLscheme/
>
> Here is a link to Unsanity's Paranoid Android, a hack that allows you to
> protect yourself temporarily until Apple realizes this is a real security
> hole and issues a fix.
>
> http://www.unsanity.com/haxies/pa/
If I remember correctly, Paranoid Android fixes the vulnerability by mapping help:// URLs to another app other than Help Viewer. This has the side effect of possibly disabling Help in some applications.
The following two lines, when run in Terminal will disable Help Viewer's ability to run AppleScripts and/or shell commands thereby disabling the security hole while leaving Help available in all apps:
sudo defaults write /System/Library/CoreServices/Help\ Viewer.app/Contents/Info NSAppleScriptEnabled -bool 'false'
sudo chmod 644 /System/Library/CoreServices/Help\ Viewer.app/Contents/Info.plist
The first line modifies Help Viewer so that it cannot run AppleScripts (and therefore shell commands as it uses AS to run them). The second fixes a permission issue with Help Viewer caused by the first command. To undo the fix in preparation to install Apple's eventual fix, just change 'false' in the first command to 'true'.
-Remo Del Bello
--
"The knee bone's connected to the...something. The something's connected to the...red thing. The red thing's connected to my...wrist watch. Uh oh."
- Dr. Nick Riviera on The Simpsons
- Re: Entourage X connects, 2004 doesn't Roger Carlson
- <no subject> Tom Chirpich
- Re: <no subject> Paul Berkowitz
- Re: <no subject> Beth Rosengard
- Office 2004: Entourage installs fonts that... Tom Chirpich
- Re: Office 2004: Entourage installs fonts ... Barry Wainwright
- Re: Office 2004: Entourage installs fonts ... Tom Chirpich
- Re: Office 2004: Entourage installs fonts ... Tom Chirpich
- Re: Office 2004: Entourage installs fonts ... Hes Nikke
- Re: [off] First major security exploit in OS X Julian Vrieslander
- Re: [off] First major security exploit in OS X Paul Berkowitz
- Re: [off] First major security exploit in OS X Remo Del Bello
- OE to 2004: sending problem Tom Chirpich
- Re: OE to 2004: sending problem Tom Chirpich
- Re: OE to 2004: sending mail Tom Chirpich
- Re: OE to 2004: sending mail Diane Ross
- Re: OE to 2004: sending mail Tom Chirpich
- Re: OE to 2004: sending problem Diane Ross
- Rule to delete from address book? Mark Goodman
- Re: Rule to delete from address book? Geoff WALLACE
