On May 19, 2004, at 10:06 PM, Cotty wrote:
(quoting someone else)
"AppleHelp"on how to disable this service, i really don't know. I haven't a Mac. But mac is all about mouse, so there should be some option called(as Cotty suggested) somewhere. Cotty is suggesting to disable it, I don't
know if there are any drawbacks.
No - I don't have a clue what you're talking about. I need an idiot's
guide here. Personally i might prefer rm -rf *if I iknew what the hell it
was* !
Oh all right.
"rm" is a unix shell command which removes files (ie delete). A lot of unix commands are very short and cryptic-looking, because they are named to be quick & easy to type.
The "-rf" options indicate (r)ecursively delete directories, and (f)orce deletion regardless of permissions or anything else the system might complain about (provided you're allowed to override these).
"/" indicates the root directory, the top-level, which contains the entire filesystem. As another aside, Apple made one of the best desktop environment design decisions I've ever seen, in that they actually hid much of the internal structure of the filesystem from the desktop.
So "rm -rf /" wipes your whole hard drive. If you have the permissions to do it. Because the exploit actually opens a terminal, it could theoretically do this, but note that the guy could not get a command with spaces to work. I have ideas for possible easy ways around this, though.
On Mac OS X, only the "root" user can do this, and the root user isn't even enabled by default. "Administrator" users have limited root-like powers but you need to enter your password each time you try to do anything potentially damaging.
Now this AppleHelp service... I don't think its a service in the same terms as file sharing, ftp access or remote login. It certainly isn't listed in my services panel (under Sharing in the system preferences). So if it can be disabled, it might not be a trivial thing to do.
I'm just going to wait for Apple to release a patch, and get on with my life :)
Cheers,
- Dave
http://www.digistar.com/~dmann/
