Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Comment from my email...' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Comment from my email...
Authored by: Graff on May 12, '04 07:13:09PM

The danger is not in the "do shell script" command, disabling it will only close down one of several possible routes to do damage. For example, here is a straight AppleScript way to do similar damage:

!!!! CAREFUL, YOU CAN DO SERIOUS DAMAGE IF YOU RUN THIS SCRIPT !!!!


tell application "Finder"
	-- !!! CAUTION !!!
	-- if you uncomment the next line you will delete your home directory
	-- delete (path to home folder)
	empty trash
end tell

I can create a similar program in Java, Cocoa, Carbon, or whatever. You can never fully close off this sort of problem, all you can do is make life more difficult for yourself as you shut down all of the ways that this can be done.

The solution is simply to be careful about the source of programs and files. If you are not certain about a file then create a dummy user account and open it in there. Also keep backups of your important files in case you do make a mistake and run something that destroys your home directory.

- Graff



[ Reply to This | # ]