[X4U] Malware for Mac...
Stephen Mackenzie
stephen.mackenzie at connectfree.co.uk
Mon May 9 11:44:40 PDT 2005
On May 9, 2005, at 17:21, Hector Luna wrote:
>> Wouldn't just unchecking the "Open safe files" box in Safari also do
>> this?
>
> Yes. If you're a computer admin you could take it a bit further and
> make ~/Library/Widgets read-only as well...
Still automatically downloads the widget (even in 10.3.9) cos of a http
refresh header. Another page (full of "evil" widgets) does it with
iframes.
People are (rightly) getting excited about widgets executing arbitrary
code, but I'd be quite happy for Safari NOT to download random things
like zip files without telling me!
SM.
(Never approved of that newfangled Dashboard thing anyways...)
More information about the X4U
mailing list