Safari Security Flaw Reported [Updated]
Member Michael Lehn today reported the discovery of a security flaw in the Open "safe" files after downloading feature of Safari, also being reported by heise online. The flaw has been independently confirmed.
When the Open "safe" files option is checked in the General tab of Safari preferences, a downloaded archive (zip file) containing a shell script named with a .jpg or .mov extension and missing the standard #!/bin/bash line can cause Safari to execute the shell script in the Terminal application without a confirmation prompt. The script runs with the privileges of the logged-in user, so in theory a malicious script executed this way could damage files in the home folder. If the user is an administrator, system files and applications could be affected as well.
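The flaw turns on a file whose extension says "image" or "movie" while its bytes are shell commands, with the missing #! line defeating whatever content sniffing Safari did. The following script is an added example, not code from the article or from Apple: it builds a constructed zip of that shape and flags entries whose contents contradict their extension, without requiring a shebang. The magic-number values, the sample file names and the harmless commands stored in them are assumptions made for the example.

```python
import io
import zipfile

# Added example, not from the original article. It builds a constructed archive
# of the kind the article describes (shell commands stored under a .jpg or .mov
# name, with no "#!" line) and flags entries whose bytes contradict their
# extension. The magic-number values are assumptions about the formats, not
# something the article states.
JPEG_MAGIC = b"\xff\xd8\xff"
# QuickTime/ISO-BMFF files carry a 4-byte box size, then a 4-byte box type.
MOV_BOX_TYPES = {b"ftyp", b"moov", b"mdat", b"wide", b"free", b"skip"}


def matches_claimed_type(name, data):
    """True if the leading bytes fit the container type the extension claims."""
    lower = name.lower()
    if lower.endswith((".jpg", ".jpeg")):
        return data.startswith(JPEG_MAGIC)
    if lower.endswith(".mov"):
        return len(data) >= 8 and data[4:8] in MOV_BOX_TYPES
    return True  # other extensions are not modelled here


def is_plain_text(data):
    """Decodable text with no NUL bytes. Deliberately does not require a
    shebang: the flaw hinges on the script omitting it."""
    if not data or b"\x00" in data:
        return False
    try:
        data.decode("utf-8")
    except UnicodeDecodeError:
        return False
    return True


def scan_archive(zip_bytes):
    """Return {entry name: [reasons]} for every suspicious entry in a zip."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(4096)
            reasons = []
            if not matches_claimed_type(info.filename, head):
                reasons.append("bytes do not match the claimed media type")
            if is_plain_text(head):
                reasons.append("plain text, possible shell script (no shebang needed)")
            # The zip "external attributes" field carries Unix mode bits;
            # an executable bit on a supposed image is a strong signal.
            if (info.external_attr >> 16) & 0o111:
                reasons.append("executable permission bits set")
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample_archive():
    """Constructed test archive: one real-looking JPEG and two disguised scripts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("holiday.jpg", JPEG_MAGIC + b"\xe0" + bytes(64))
        # Shell commands with no "#!" line, as in the reported flaw (harmless text).
        zf.writestr("photo.jpg", b'echo "ran from a .jpg" > "$HOME/Desktop/proof.txt"\n')
        info = zipfile.ZipInfo("clip.mov")
        info.external_attr = 0o100755 << 16  # -rwxr-xr-x
        zf.writestr(info, b'touch "$HOME/Desktop/proof-mov.txt"\n')
    return buf.getvalue()


if __name__ == "__main__":
    for name, reasons in scan_archive(build_sample_archive()).items():
        print(name, "->", "; ".join(reasons))
```

The check keys on content rather than on the file name, which is the opposite of what the "safe" files feature did; the shebang test is intentionally absent because its absence is the whole trick. Running it on a real download directory only requires feeding each zip's bytes to scan_archive.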
Two preventative measures can be used to avoid the flaw: (1) Disabling the Open "safe" files after downloading feature in Safari preferences. (2) Moving the Terminal application out of its normal location in the Applications/Utilities folder. The former method may be inconvenient during other routine downloads, while the latter may need to be reversed while performing Mac OS X updates.
The problem does not apply to other commonly used web browsers.
So far, a demonstration (proof of concept) download has been created, but no real exploits are known to exist. The problem has been reported to Apple Computer.
[Update] CNET reports that Apple is developing a patch for this security flaw, quoting an Apple representative as saying "We're working on a fix so that this doesn't become something that could affect customers" but without giving a delivery date for an update. Because the problem can reportedly affect Mail as well as Safari, the update may come in the form of changes to Mac OS X, not to Safari alone.