Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Resource Forks!!' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Resource Forks!!
Authored by: googoo on Feb 22, '06 01:58:23PM

It seems to me that there are several problems that all go back to one central issue: resource forks! Mac OS X uses the file extension to determine which app to use if a file does not have a resource fork. If a file has a resource fork, the application associated with the file can be different from the application associated with the extension. You set this in the Finder Get Info menu by changing the Open with option. Usually this is not an issue because files that arrive by download, E-mail, or other means come without resource forks. There are some exceptions, though. Resource forks can be included in ZIP archives, and BOMArchiveHelper.app reconstructs them for the extracted files. Mail.app can handle resource forks as well. I am sure there are others, too. This is a huge problem.

A compounding factor is that Terminal.app will run shell commands in a UNIX executable file. All you have to do is set Terminal.app as the application and double-click the file. Then Terminal.app opens a new shell, and executes the commands in the file.

Combine these two issues, and you get a mess. You can give a file a harmless sounding (and incorrect) extension and set its default application to Terminal.app. The result: double-clicking a seemingly harmless photo or movie opens Terminal.app and runs a shell script that deletes all your files (no administrative permission needed)! Then, Safari was set to open certain "safe" files for us. The problem is that "safe" files are determined by extension (or actually MIME type) instead of associated application.

And this is the "safe" OS!?

-Mark



[ Reply to This | # ]
Resource Forks!!
Authored by: john108 on Feb 22, '06 02:55:49PM

Exactly - anything else but changing from HFS to a proper POSIX compliant Unix file system (without resource forks) will be a short term fix till the next exploit comes along - this was only a POC - once it is realised how easy it is to exploit Macs the fun will begin. It's time to say goodbye to Classic and to take the OS that Next developed and match it to a proper secure Unix file system where this type of nonsense just wouldn't happen.



[ Reply to This | # ]