I have, and it's the most effective method available.
Authored by: makeinu on May 19, '04 03:21:32PM
Inside the Help.app package, there is a file named Info.plist. This is an XML property list document. In it is a field that controls Help's ability to run AppleScripts. Find the field named "NSAppleScriptEnabled" and change the boolean value to "No". You can do this with Property List Editor, or with TextEdit if you remember to save it as plain text with UTF-8 encoding. This will prevent the script from running, as it requires AppleScript for functionality. I have tested this, and so have other people, and it works. Safari will download the image, mount it if allowed, Help will launch, and that's it. No need to disable Help at all, although not auto-opening files is still a very good idea. See more at MacCentral.

NSAppleScriptEnabled boolean No is great!
Authored by: Uncle Asad on May 19, '04 08:44:21PM

This seems to be the most sane and unobtrusive "quickfix" for this exploit; I don't notice any loss of functionality other than that specific to this exploit. Help Viewer still works and can still "open System Preferences for me" from help pages, and the dmg and local application vectors no longer are open doors (remapping disk:// and disks:// is probably an additional safeguard; who has ever used them?)

NSAppleScriptEnabled boolean No is great!
Authored by: makeinu on May 20, '04 09:09:23AM
Thank you!!! I'm glad that at least two people bothered to read all of the offered solutions!! I can understand that people are in a fit trying to find a 'quick fix' solution for this, as it is kinda scary, but there is a better solution out there than remapping the help:// protocol, and this is it. Please, people, give this a try. It works, and works well, across all users on any system, can be transparently fixed when Apple finally issues a fix through Software Update, and can be simply reversed or reapplied as necessary. Don't just jump on the first solution offered, or the most popular one; it may not be the most practical one. Jeez, can you tell that Mac users are not used to dealing with the stress of this kind of vulnerability?

NSAppleScriptEnabled boolean No is great!
Authored by: Han Solo on May 20, '04 12:02:21PM
Yes, and the easiest way to do this is with a single instruction issued from the command line in the Terminal. Notice that you must have administrative rights on the Mac in question to undertake this fix.

Open a Terminal window and type (or copy and paste) the following:

sudo defaults write /System/Library/CoreServices/Help\ Viewer.app/Contents/Info NSAppleScriptEnabled -bool 'no'

This will set the boolean switch as recommended here. Yes, I posted a similar reply below, but given the length of the comments here I thought repeating it might be helpful for some, and yes, I did get this from the MacInTouch homepage Thursday morning. Hope this is helpful.

I have, and it's the most effective method available.
Authored by: marklark on May 20, '04 09:11:15AM

In mine, I changed "<true/>" to "<false/>"

YSMD
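A way to confirm that the change discussed in this thread is actually in place, as an added example that is not part of any poster's comment: it parses an Info.plist and reports the state of NSAppleScriptEnabled, including the case where a hand edit left the file unreadable. The sample plists are constructed, and the string spellings it accepts ("No", "YES" and so on) are an assumption about hand-edited values.

```python
import plistlib
import sys

KEY = "NSAppleScriptEnabled"

def applescript_state(plist_bytes):
    """Return 'enabled', 'disabled', 'absent', 'unrecognized' or 'unparseable'."""
    try:
        info = plistlib.loads(plist_bytes)
    except Exception:
        # e.g. the file was saved as RTF instead of plain-text UTF-8
        return "unparseable"
    if not isinstance(info, dict):
        return "unparseable"
    if KEY not in info:
        return "absent"
    value = info[KEY]
    if isinstance(value, bool):          # <true/> or <false/>
        return "enabled" if value else "disabled"
    if isinstance(value, str):           # <string>No</string> style values
        # Assumption: these spellings cover hand-edited string values.
        text = value.strip().lower()
        if text in ("no", "false", "0"):
            return "disabled"
        if text in ("yes", "true", "1"):
            return "enabled"
    return "unrecognized"

def sample(value_xml):
    """Build a constructed, minimal Info.plist for demonstration."""
    return ('<?xml version="1.0" encoding="UTF-8"?>\n'
            '<plist version="1.0"><dict>'
            '<key>CFBundleName</key><string>Help Viewer</string>'
            + value_xml + '</dict></plist>').encode("utf-8")

# Constructed inputs, not copied from a real Help Viewer bundle.
CONSTRUCTED_SAMPLES = {
    "bool true": sample("<key>%s</key><true/>" % KEY),
    "bool false": sample("<key>%s</key><false/>" % KEY),
    "string No": sample("<key>%s</key><string>No</string>" % KEY),
    "key missing": sample(""),
    "saved as RTF": b"{\\rtf1\\ansi <plist version=\"1.0\"></plist>}",
}

if __name__ == "__main__":
    if len(sys.argv) > 1:                # audit a real file given as argument
        with open(sys.argv[1], "rb") as fh:
            print(sys.argv[1], "->", applescript_state(fh.read()))
    else:
        for name, data in CONSTRUCTED_SAMPLES.items():
            print(name, "->", applescript_state(data))
```

Run it with the path to an Info.plist as its only argument to check a real bundle; with no argument it walks the constructed samples.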