Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Avoid a security vulnerability in Safari' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Avoid a security vulnerability in Safari
Authored by: mayaahh on Feb 22, '06 10:28:10AM

I think there is a risk with mail too : if you receive a mail with a movie icon and that file's name is somethings.mov and the fake is credible (imagine a mac-related mailling-list sending a video about security on Mac !), you can't know it's a shell script unless you download it, then hit command+I, insted of just double-clic on it

I think the solution have to be a bash one : I'm looking for a bash enough competent guy to crak it in order to add a confirmation step before executing file script : Prompt should say "do you really want to execute the file filename.mov ?" No ! The only restriction is that crontab should not be affected



[ Reply to This | # ]
Avoid a security vulnerability in Safari
Authored by: pub3abn on Feb 22, '06 10:37:42AM
There is discussion of the Mail application vulnerability here: http://macdailynews.com/index.php/weblog/comments/8652/

[ Reply to This | # ]