Linked by Thom Holwerda on Tue 21st Feb 2006 17:59 UTC
Mac OS X "[Last week], we reported on a Trojan horse for Mac OS X that is just like the entry for Earth in the Hitchhiker's Guide to the Galaxy in that it is mostly harmless. A new vulnerability targeted at Apple's home-grown web browser, Safari, is another matter entirely. A German security firm appears to have been the first to discover the Safari flaw, which allows for shell scripts to be executed after clicking a link."
Thread beginning with comment 97987
To view parent comment, click here.
To read all comments associated with this story, please click here.
raver31
Member since:
2005-07-06

Almost, it should read..........

sudo -s
cp /bin/rm /bin/rm_org
vi /bin/rm (write a scipt that says ECHO "Aye, Right, sure I will, Dickhead")
chmod a+r /bin/rm

You're secure now. Try that on not-UNIX box.

:)

Reply Parent Score: 1

Emil Member since:
2005-06-29

TBH, we both have missed +x flag. :-D

Reply Parent Score: 1

ormandj Member since:
2005-10-09

As superuser (sudo/su root, whatever you prefer):

cp /bin/rm /bin/rm_org;echo "echo '"Aye, Right, sure I will, Dickhead"'">/bin/rm;echo "rm -i">>/bin/rm;chmod a+rx /bin/rm

Er, yea..ok. ;)

Reply Parent Score: 1

ormandj Member since:
2005-10-09

Oops, should be:

cp /bin/rm /bin/rm_org;echo "echo '"Aye, Right, sure I will, Dickhead"'">/bin/rm;echo "/bin/rm_org -i">>/bin/rm;chmod a+rx /bin/rm

Reply Parent Score: 1

stew Member since:
2005-07-06

Renaming "rm" is just false security. There are a dozen other ways how a script can destroy your data without invoking rm.

Reply Parent Score: 1