Re: New method to load user bundles

[Martin Brecher]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pascal Bourguignon wrote:
|
|
| Yes, this is very important.  A  whole class of viruses and malware on
| MacOS could run this way,  merey being present in some resource files,
| because the system would open them automatically and they would shadow
| application resources.
|
| You cannot let code being automatically loaded and run like that!
|
| If we  allow the  user to configure  such a  GSAppKitUserBundles, that
| means that  he could download  unconspiciously some malware  doing the
| same.  Then a suid application  should have the mean to protect itself
| from such malware.
|

Personally, I don't see why this defaults value gets that much security
related attention now.

Because, well, some malware could just as easily replace your ~/.bashrc
or your ~/GNUstep/Library/WindowMaker/autostart, edit your $PATH or
$LD_LIBRARY_PATH for example. Also, several GNUstep applications store
commands/paths in the user defaults (all the various frontend apps, like
Burn).

Apart from that some malicious bundles can always put themselves into
action by seaming like a prefs bundle, or a GNUMail addon bundle that's
installed into the user's Library/Bundles folder.

In fact every bundle can be overridden by putting something with the
same name in the user's Bundles folder. Thus, even the backend itself -
which is naturally loaded everytime an application is started - can be
overwritten/overridden by some malware, either by placing a fake backend
bundle in the Bundles folder or by modifying the GSBackend defaults
value. (And this seems far more dangerous to me!)

I cannot prevent people from crossing the street when the traffic lights
are red either.

Greetings,
Martin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+2WEykWEEBp53XEURAgrqAKCxlW4abtV0yL45TjvXt9SuBLpRqACdEq8y
sIyTUrHGT4WJNkiyjAr/TSg=
=u7Ks
-----END PGP SIGNATURE-----