MacOS X Security Hole

May 18, 2004 at 10:55 pm | Posted in Macintosh | 2 Comments

Today, another MacOS X security hole was found. This one allows arbitrary scripts and commands to be run using two protocols – help: and disk:. An example can be found here:

http://bronosky.com/pub/AppleScript.htm

[It will issue a non-destructive command using the Terminal].

I have found a workaround for this – it involves turning off Apple’s Help Viewer application, which disables the help: protocol. Since I don’t use Help Viewer much, it’s not a big deal for me to turn this off, although other people may not be able to do this.

% sudo chmod 000 /System/Library/CoreServices/Help\ Viewer.app

I fear that this security hole may also affect AppleScript-aware applications that support the “runscript” command.

I don’t know yet how to disable the disk: protocol.

2 Comments


  1. Apple released their 05/24 Security Patch (for 10.3.3 and 10.2.8) yesterday, which fixes the problems I’ve described. There is also another patch from Unsanity called Paranoid Android which prevents the creation of new protocols without user knowledge or intervention.

  2. Additional workarounds to fix or at least minimize this vulnerability can be found at MacOS X Hints. Personally, I prefer the solutions that let you define default applications for the help: and disk: protocols.

