Report: Apple developing fix for automatic execution of shell scripts

“A serious flaw in Mac OS X could be a conduit for attackers to install malicious code on computers running the Apple Computer software, experts warned Tuesday,” Joris Evers reports for CNET News. “Visiting a malicious Web site using Apple’s Safari Web browser could result in a rootkit, a back door or other malicious software being installed on the computer without the user noticing anything, experts said. ‘This could be really bad,’ the SANS Internet Storm Center, which tracks network threats, said Tuesday. ‘Attackers can run shell scripts on your computer remotely just by visiting a malicious Web site.'”

“Apple is developing a patch for the flaw, a company representative told CNET ‘We’re working on a fix so that this doesn’t become something that could affect customers,’ the representative said, but could not give a delivery date for the update,” Evers reports.

Full article here.

MacDailyNews Note: Apple’s Mail is also affected. Please see related articles below. For now, move your Terminal application from /Applications/Utilities into a different folder until Apple’s fix is ready. As usual, only accept and open files from vendors and Web sites that you know and trust.

MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. Only $49.
iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
Connect iPod to your television set with the iPod AV Cable. Just $19.

Related MacDailyNews articles:
Safari web browser auto executes shell scripts; disable ‘Open ‘safe’ files after downloading’ option – February 21, 2006
Warning: Like Safari, Apple’s Mail also auto executes shell scripts – February 21, 2006


  1. What about just adjusting the Terminal preferences to not automatically run scripts? Then it doesn’t matter what application attempts to launch Terminal. That would be less maintenance than moving the Terminal back and forth whenever there are system updates.

    It might be some time before Apple comes up with a really good alternative, and unfortunately the guy who blabbed and shouted this flaw worldwide didn’t bother to inform Apple and let them come up with a solution. Not uncommon in this world of show-offs who don’t really care about other people’s security.

    Microsoft gets the same treatment from a lot of people “reporting” security flaws by shouting them worldwide while trying to become famous for finding one. Of course, it doesn’t work because few people remember them, or at least I never do. But I am reminded of how there will always be people who care more about getting attention for themselves than caring about other people’s safety.

  2. A free open source app called ClamXav is a very good Anti Virus program for the Mac OS. It currently is PPC only, but the developer is working on a version for Intel based Macs. This has been used widely by many who were required to have AV software installed as a condition by IT for access to the work net.

  3. I’ve turned off the open safe files setting and that’s enough for now. As with all of these “warnings,” until we see any stories of real life impacts out in the wild, I’m not going to lose any sleep over it. You can pull your hair out all day if you get scared over every use of concept that pops up out there.

  4. <quote>What about just adjusting the Terminal preferences to not automatically run scripts? </quote>

    I agree. I just changed the permissions of to only run when i’m logged in as an administrator. My non-admin-user can’t even open terminal now (or run scripts of course).

  5. “For now, move your Terminal application from /Applications/Utilities into a different folder until Apple’s fix is ready.”

    Yeah, like my mom and grandma are going to understand that….

    “You told us when we bought the applecomputer that nothing ever is wrong with it!”

  6. Be scared,

    Write an AppleScript for Grandma that does it for her, then compress it and send it to her.

    Could this idea be another flaw ” width=”19″ height=”19″ alt=”grin” style=”border:0;” />

  7. Well at least we can count on Apple acting fast.

    However this causes a problem because Apple throws in some curves in the updates which break programs.

    They also tend to shorten the lifespan of their hardware by introducing things to make the OS slow down.

    But you can’t get the security updates, unless you take the baggage along with it.

  8. I’m a grandpa. Former carpenter without tech background. Grandkids are approaching thirty years old. My Terminal’s in another folder. The do-hickey in the Safari prefs is unchecked.


Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.