>> Basically, the AppleHelp service can be used to execute an >> arbitrary shell-level script. (rm -rf /, anybody?) > >It looks like it runs the script as the user who's using the browser. >So it won't wipe your entire hard drive, but if mis-used right it could >potentially do some interesting things. > >If you're an "administrator" user it can't do any worse as it would >prompt for a password to run sudo. OK that might fool some people, >provided they don't get suspicious about the terminal window that just >opened. > >Either way its not good and hopefully Apple will make a fix available >soon.
Translation required please Dave :-) Cheers, Cotty ___/\__ || (O) | People, Places, Pastiche ||=====| www.macads.co.uk/snaps _____________________________
