On Feb 25, 2006, at 9:56 PM, Mikael Byström wrote: > Chris, wouldn't changing umask prevent the exploit from gaining > access? No because everything happens outside the shell until Launch Services calls the shell to run the code. By that time it's too late. > If I try it, will it only delete the current user account, or all? The current user account only. However, we've found that on admin user accounts we can modify system settings and/or place hidden files/ folders/binaries at the root level in /Library or /Applications too. We're still tweaking the code, trying to figure out exactly how much damage we can do..... -- Chris ------------------------- PGP Key: http://astcomm.net/~chris/PGP_Public_Key/ ------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://listserver.themacintoshguy.com/pipermail/titanium/attachments/20060225/6aaa2805/attachment.html