Shostack + Friends Blog Archive


Safari Users: Don't Open "Safe" files after downloading

In Safari, go to Preferences, General, and un-select that box. From “Apple Safari Browser Automatically Executes Shell Scripts,” via SANS and Eric Rescorla. Don’t miss Peter da Silva’s comment on Eric’s post. Eric, how do you get such good comments?

3 comments on "Safari Users: Don't Open "Safe" files after downloading"

  • cat says:

    Adam – clearly you need to write a book.

  • Richard Johnson says:

    It’s not really a Safari or Terminal issue. It’s a problem with BOMArchiveHelper and other archivers that all likely rely upon the same underlying libraries.
    zip and tar files both, at minimum, can contain bogus metadata which is honored when launching the file in the Finder while the Finder displays the branding based on the file extension.
    Furthermore, StuffIt Expander 10.0.1 honors the metadata just as BOMArchiveHelper does.

  • iVirus, Mr & Mrs Smythe, Shaking the Incumbents, Ping on convenience, Gmail on inconvenience

    Curious that Apple’s Safari wasn’t mentioned in recent discussions about High Assurance certs. Which brings us to a rash of sightings of Mac Viruses. Well, three at least. Unfortunately the media can be relied upon to over-play the appearance of Mac Vi…
