Linked by Thom Holwerda on Tue 21st Feb 2006 17:59 UTC
Mac OS X "[Last week], we reported on a Trojan horse for Mac OS X that is just like the entry for Earth in the Hitchhiker's Guide to the Galaxy in that it is mostly harmless. A new vulnerability targeted at Apple's home-grown web browser, Safari, is another matter entirely. A German security firm appears to have been the first to discover the Safari flaw, which allows for shell scripts to be executed after clicking a link."
Thread beginning with comment 98049
To view parent comment, click here.
To read all comments associated with this story, please click here.
abraxas
Member since:
2005-07-07

You don't have to go to that kind of trouble. Just alias "rm" to "rm -i". Also it's difficult to run a script like that disguised as a jpg or something to that effect because it is not executable. If you can't open a picture because it is not executable you know there is a problem and joe user would have a tough time trying to figure out how to make it executable.

Edited 2006-02-22 05:33

Reply Parent Score: 1

Emil Member since:
2005-06-29

Just alias "rm" to "rm -i".

What if scipt will run outsite your normal shell session? Where aliases are not defined? Hacking a bash script under /bin/rm will prevent from abuse anytime.

Reply Parent Score: 1

abraxas Member since:
2005-07-07

True, but in reality there is little to worry about because as I stated before the file will NOT be executable. It's ignorant to think that A. "rm -rf /" is a virus and B. that it is at all a danger to Linux/Unix boxes. Windows is more prone to a "virus" like that than Linux is.

Reply Parent Score: 1