Re: Mac OS: Vulnerability with StuffIt

2002-11-04 Thread Ben Bucksch
Ben Bucksch wrote: To my knowledge, they have been notified by the bug finders from the beginning. I forgot to mention the bug number:

Re: Mac OS: Vulnerability with StuffIt

2002-11-04 Thread Ben Bucksch
Chris LeBlanc wrote: I would send something like this on to the people at StuffIt and Apple Quicktime team. To my knowledge, they have been notified by the bug finders from the beginning.

Re: Mac OS: Vulnerability with StuffIt

2002-11-04 Thread Chris LeBlanc
Ben, I would send something like this on to the people at StuffIt and Apple Quicktime team. Maybe there could be a special type of mount, or a flag, that stuffit uses that would alert Quicktime to not autostart any applications but ask the user first. The problem for the Mozilla team with thi

Mac OS: Vulnerability with StuffIt

2002-11-02 Thread Ben Bucksch
There is a severe vulnerability in the combination of browser (pretty much any browser), StuffIt and Quicktime on Macs. Often, StuffIt is configured to automatically open files that it can handle on behalf of the browser. For example, if you click on a link with a sit file, StuffIt is being cal