MacOS X 10.3 security chasm

[skreidle]

PSA courtesy jazzfish:

It seems OSX 10.3 [Panther] has a simple, easily-fixed, and gaping security hole.

"It is possible to write a URL that, when invoked from one’s default browser, invokes Apple’s Help program, which is itself a mini-browser which uses a subset of HTML. The trouble is that unlike a well-written, full-fledged, OSX browser, the Help program is (a.) fully scriptable; and (b.) fully capable of running any application or command for which the user has privileges."

---

Watched Gilmore Girls season finale. Action-packed!

Comments

[absolutliz.livejournal.com]

Season finales suck. I don't want to have to wait all summer to find out what happens next. =(

[liandriel.livejournal.com]

Wasn't it?! Oh. My. Gosh.

I hope Lorelai sics someone vicious on Dean.

[skreidle.livejournal.com]

Better than series finales--at least there -is- a continuation!

[skreidle.livejournal.com]

Seriously--the boy needs a beating with a clue-by-4. He's obsessed!

[liandriel.livejournal.com]

He's not the only one! Poor Rory!

Man, I never thought Jess would look so good as a prospect for a good, solid relationship.

[skreidle.livejournal.com]

Well, if only what's-his-name wasn't married.. but that's the point, isn't it?

[liandriel.livejournal.com]

That's exactly the point. The jerk. Who knew good ol' Dean was such a jerk?

[skreidle.livejournal.com]

Well, I can relate to where he's coming from, but he should -really- have waited until a divorce was much more definite/complete.