Security | Safe Terminal 0.3
Author: Nir Soffer
Date: 02/26/2006 07:55 AM
Size: 56 KB
Requires: OS X 10.3/10.4
Downloaded: 3067 times
TIP: MacBooster 2 - A powerful, recommended cleaner for your Mac.
If Safari "Open safe files after download" is enabled, its possible to create malicious shell scripts that will be executed by the Terminal automatically after you download them. It is also possible to create malicious shell scripts that look like a document or a folder, that will be executed by Terminal on double click without warning.
After Safe Terminal is installed, the Terminal utility will show an alert before executing a shell script, allowing the user to confirm or cancel. The usage of the Terminal to type and run commands is not effected in any way.
• Log in as an administrator.
• Copy the folder named "Safe Terminal" in the disk image into InputManagers folder inside the Library folder in the volume Mac OS X is installed. If the InputManagers folder does not exists, create it.
• If the Terminal is running, restart it.
• If you are not allowed to administer this computer, or want to install only for your account, you may install into the InputManagers folder inside the Library folder inside your home folder.
• To verify the installation, double click the file named "test.command" in the disk image. A warning dialog will ask you "Are you sure you want to execute test.command?". Click Cancel or press the Escape key to cancel. Without Safe Terminal a new shell window will open, and the script will execute.
The Safari and Mail shell script execution vulnerability is related to an error in handling of file association by system component called LaunchServices. This error is not fixed by Safe Terminal. It may be possible to attack your computer in other ways, not using shell scripts, exploiting this error.
See Paranoid Android for a fix for the file association handling error and other vulnerabilities.
Application that use the terminal to execute shell scripts will need a confirmation before the script will execute.
OS X 10.3 and 10.4
MGID NEWS FEED: