
·
Registered
Joined
·
377 Posts
I saw this thread when you posted, but didn't get a chance to test it until now.

It looks like Apple has indeed revived this hole. Idiots.

Thanks for pointing it out.
10.5.1

Edit: Ok, it might not be as bad a threat to most people since it only seems to run without warning if "Terminal.app" is already running - which wouldn't be the case for most people. But I still consider it to be serious.
 

·
Premium Member
Joined
·
9,114 Posts
Discussion Starter · #3 ·
I tried it on 10.4.10.

I get the warning message, but I bet that doesn't stop a lot of people from opening the file anyway.
Wonder why Apple doesn't just block something like this, a script masquerading as a jpg file.
 

·
Registered
Joined
·
377 Posts
Yeah, I don't get it. They have already done the hard part - the system seems to correctly identify an attachment as a programme or script. It can even tell the difference between e.g. a jpeg with executable privileges and a 'usro' from a shell script with a 'usro'. All they have to do is set giving a "possible program" an executable icon as the overriding rule to decide what icon a file displays.

In "Finder", a disguised script displays any custom icon assigned to the file. In Mail, any icon displays an icon based on its file extension. What an inconsistent mess.

But I consider that a separate issue. In this case, I consider the bug to be strictly a "Mail.app" bug - the warning that is otherwise displayed is missed if "Terminal.app" is already running.
 
G

·
Yep this is a Mail.app-only bug for sure, it's trusting the mime-type set by the email sender and executing it accordingly. This is a no-brainer that they should have fixed in Leopard a long time ago and very reminiscent of Microsoft (there were a lot of problems with Outlook with this exact same assumption). But on the bright side, at least Mail.app doesn't automatically execute them without user intervention (like Outlook used to do!).
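
An added example, not part of the thread or any poster's code: a Python check a mail filter could run on incoming messages, classifying each attachment by its leading bytes instead of trusting the sender-declared MIME type described in the last post. The magic-byte table, the function names and the sample message are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading bytes of a few formats (illustrative table, not exhaustive).
MAGIC = [
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"#!", "script"),                 # shebang: shell/Perl/Python script
    (b"\xcf\xfa\xed\xfe", "mach-o"),   # 64-bit Mach-O executable
]
EXECUTABLE = {"script", "mach-o"}

def sniff(data):
    """Classify content by its leading bytes, ignoring any declared type."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return "unknown"

def audit_attachments(raw):
    """Return one finding per attachment; 'disguised' marks executable
    content that the sender labelled as an image."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        declared, actual = part.get_content_type(), sniff(data)
        findings.append({
            "filename": part.get_filename(),
            "declared": declared,
            "actual": actual,
            "disguised": actual in EXECUTABLE and declared.startswith("image/"),
        })
    return findings

def build_sample():
    """Constructed message: a shell script labelled image/jpeg, plus a real JPEG header."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "reader@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment(b"#!/bin/sh\necho constructed\n",
                       maintype="image", subtype="jpeg", filename="photo.jpg")
    msg.add_attachment(b"\xff\xd8\xff\xe0" + b"\x00" * 16,
                       maintype="image", subtype="jpeg", filename="real.jpg")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in audit_attachments(build_sample()):
        print(finding)
```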
 