I think that this was more serious that you would imagine. The trojan, as I recall, exploits what is basically a convention for the typical OSX install: the first account to register is given administrator privileges. The second defect as I recall is that Terminal will run some of these scripts as administrator even without a password. The lynchpin, as is always so common on Windows, is the browser: Safari would consider the downloaded file as an image file if it was named with .jpg or something on it, but was actually a terminal script, and would "open" it automatically in Terminal. The description of commands being sent across the screen is him describing Terminal as being launched and various UNIX commands being processed. This problem was detailed many weeks ago in such reputable websites as xlr8yourmac.com and macfixit.com. One of the remedies suggested was to create another account without administrator privileges, then use that one exclusively as the primary account. I think that the issue was Terminal-specific in some way, as I know that my administrator account is still required to manually enter passwords whenever I want to do something important, like OS updates, etc. My impression was that this was not a problem to be blown off. Michael On May 1, 2006, at 7:49 AM, Aron Spencer wrote: > He shorted AAPL. > > he had to type in his administrator password to get anything bad to > happen... -------------- next part -------------- An HTML attachment was scrubbed... URL: http://listserver.themacintoshguy.com/pipermail/x4u/attachments/20060502/0827a2b0/attachment.html