Major Geeks, providing free tested downloads.
advertisement

Mac Files
  Airport Tools
  Admin Tools
  All In One Tools
  Anti-Virus
  Apple
  Audio
  Appearance
  Backup
  Benchmarking
  Browsers
  Covert Ops
  Data Recovery
  Diagnostics
  Drive Cleaners
  Drive Utilities
  Drivers
  Ergonomics
  File Management
  Firewalls
  Game Tweaks
  Graphics
  Input Devices
  Internet Tools
  iPod Tools
  Mail Utilities
  Memory
  Messaging
  Monitoring
  Multimedia
  Office
  Security
  Spyware Tools
  System Info
  Toys
  Video
  Widgets
  Miscellaneous
  Windows
  News Archive
  - Off Base
  - Way Off Base


  Handheld/PDA       
  XML News Feeds    
  Sidebar                   
  Security | Safe Terminal 0.3
Author: Nir Soffer
Date: 2006-02-26
Size: 56Kb
License: Freeware
OS: OSX 10.3+
Downloaded: 1078 Times
Download Locations:
Author's Site Author's Site
Download from USA MajorGeeks TX - |USA|
Download from USA MajorGeeks TX - |USA|
Download from USA MajorGeeks FL - |USA|
Download from Internode Internode - |Australia|
Australia Planet Mirror - |Australia|

>> Report A Bad Link<< 		Screenshot
Rating: N/A (0 votes)
CompatDB.org Project:
Submit Results
Check Results

Safe Terminal fixes a security weakness with Mac OS X Terminal utility, when it execute shell scripts without the user confirmation.

If Safari "Open safe files after download" is enabled, its possible to create malicious shell scripts that will be executed by the Terminal automatically after you download them. It is also possible to create malicious shell scripts that look like a document or a folder, that will be executed by Terminal on double click without warning.

After Safe Terminal is installed, the Terminal utility will show an alert before executing a shell script, allowing the user to confirm or cancel. The usage of the Terminal to type and run commands is not effected in any way.

Installation:
-Log in as an administrator.
-Copy the folder named "Safe Terminal" in the disk image into InputManagers folder inside the Library folder in the volume Mac OS X is installed. If the InputManagers folder does not exists, create it.
-If the Terminal is running, restart it.
-If you are not allowed to administer this computer, or want to install only for your account, you may install into the InputManagers folder inside the Library folder inside your home folder.
-To verify the installation, double click the file named "test.command" in the disk image. A warning dialog will ask you "Are you sure you want to execute test.command?". Click Cancel or press the Escape key to cancel. Without Safe Terminal a new shell window will open, and the script will execute.

The Safari and Mail shell script execution vulnerability is related to an error in handling of file association by system component called LaunchServices. This error is not fixed by Safe Terminal. It may be possible to attack your computer in other ways, not using shell scripts, exploiting this error.

See Paranoid Android for a fix for the file association handling error and other vulnerabilities.

Known Issues:
-Applications that use the terminal to execute shell scripts will need a confirmation before the script will execute.

New in this version:
-Show an alert before executing a shell script.
-test.command display also a text message.
-Improved documentation.

Source code is also available at author's site.

Safe Terminal is not compatible with Macs using Intel processors.

 


  Support Forum
  NEW Geek-Wear
  Free Magazines
  Geek Shopping
  Geektionary
  About
  Links
  Folding@Home Team
  FAQ

advertisement
    
< Copyright & Disclaimer | Privacy Statement >
There are currently 66 Mac Geeks online
Copyright ©2000-2005 MajorGeeks.Com
Powered by Esselbach Storyteller CMS System Version 1.8