Linked by Thom Holwerda on Tue 21st Feb 2006 17:59 UTC
Mac OS X "[Last week], we reported on a Trojan horse for Mac OS X that is just like the entry for Earth in the Hitchhiker's Guide to the Galaxy in that it is mostly harmless. A new vulnerability targeted at Apple's home-grown web browser, Safari, is another matter entirely. A German security firm appears to have been the first to discover the Safari flaw, which allows for shell scripts to be executed after clicking a link."
Permalink for comment 97942
To read all comments associated with this story, please click here.
RE: Quick Fix
by ormandj on Tue 21st Feb 2006 20:56 UTC in reply to "Quick Fix"
ormandj
Member since:
2005-10-09

That really doesn't "fix" the vulnerability. It just means the author has to change the shell script a bit to point to the right path. The fix is disable opening "safe" files after downloading (temporary) and then Apple rolling out something to make executables easily found. This means changing pardigrams for file information, and not relying on the file creator's "word" so to speak.

Reply Parent Score: 1