[X4U] Miscellaneous Dashboard Question
Nick Scalise
nickscalise at cox.net
Wed Jun 21 21:03:01 PDT 2006
On Jun 21, 2006, at 10:21 PM, Randy B. Singer wrote:
> Nick Scalise said:
>
>>> Features include closing a big security hole,
>>
>> What 'big security hole'?
>
> Where have you been? There was a huge issue with downloaded widgets
> being installed without any security precautions. Apple has since
> offered some security updates to help avoid this potentially huge
> problem.
>
> http://www.oreillynet.com/mac/blog/2005/05/
> the_cats_mustaches_dashboard_s.h
> tml
Been here all along, but of course, you know that, are you feeling
hyperbolic today?
I heard about the widget security issue when it was announced/
discovered and I heard about it when Apple patched it. As it is now,
there is no big hole on a patched OS X system. The only currently
talked about security issue is allowing Safari to open files after
downloading, and you don't need Widget Preference Pane to adjust that.
The other thing they do is bring Mac OS X Server Tiger ACL's to Tiger
desktop. While a nice enhancement, I don't think that Tiger systems
without set ACL's have a big security hole.
I went to the widget manager site and even they don't call it a hole.
They say Apple 'could have done more', that to me does not mean a
'big security hole'. The marketing of their widget had some
salesmanship to it.
Your post seemed a little sensationalistic.
--
Nick Scalise
nickscalise at cox.net
More information about the X4U
mailing list