Comment from my email...
Robert emailed this to me and gave me permission to post; he doesn't have an account, but I thought he raised some interesting options. He writes:
The ability for Applescript to execute Unix commands is a very valuable feature that I use, and would hate to see it disabled. I use the do shell script line many times, and I can't imagine how else I can process files without that bridge between an application and Unix. I like the concept of a "shell to English" converter; that would help people understand (at least somewhat) what a given script may do... -rob.
Comment from my email...
That wouldn't solve anything. AppleScript isn't the only vector for trojan horses.
Regarding the switch in the preferences
Regarding the switch in the preferences, unfortunately, a lot of (X11) programs use shell scripts (e.g. Matlab uses one for its start-up).
Comment from my email...
2. Provide for the user, a switch in the preferences, defaulted to on, which disables (or prompts for confirmation) any call to 'do shell script', along with the code. Since the number of commands in Unix is finite, an enhancement would be to translate shell scripts to English to help people understand what's going on. (ie: 'rm' gets translated to 'delete', -r translates to 'recursively', -f translates to 'without prompting for confirmation', and ~ translates to 'your home directory'.)
I disagree. This is in the same spirit as disabling "do shell script" altogether, and doesn't help. AppleScript can just as easily tell the Finder to move "~" to the trash, then tell Finder to empty the trash. It will work. No confirmation either. I would support, however, an option to default to "open for editing" for ALL AppleScripts (and make them all editable). ---
Comment from my email...
...and so in order to protect users from evildoers exploiting their ignorance, we destroy in one stroke all (well, much) income derived by anyone making money from writing & distributing Applescripts. If you can read the code, you can edit it, and spot & remove any registration lock.
Comment from my email...
'Suppress all further warnings is good'
Comment from my email...
The danger is not in the "do shell script" command; disabling it will only close down one of several possible routes to do damage. For example, here is a straight AppleScript way to do similar damage:
I can create a similar program in Java, Cocoa, Carbon, or whatever. You can never fully close off this sort of problem, all you can do is make life more difficult for yourself as you shut down all of the ways that this can be done.
Comment from my email...
Remove the feature that permits AppleScript to make files uneditable. Let us always be able to see AppleScript code.
There are many people and companies that make money writing AppleScript scripts, and they protect their investment by only giving the customer a run-only version of the script. Taking that away would be a very bad thing. The other thing to consider is that a huge percentage of computer users these days are not smart enough to know that they could try opening a downloaded file with Script Editor to see if it's a malicious script. The only people that are going to do that are smart enough to open run-only scripts with a resource editor and look at the 4-char codes and text values to see what the script is doing.
Comment from my email...
Saving to uneditable Applescripts could be combined with a trusting mechanism: