BugTraq
Malicious Bundles on Mac OS X Jun 04 2005 11:21PM
Braden Thomas (braden127 myrealbox com)
I wrote some information about Malicious Bundles on Mac OS X and
posted source code that you can find here:

http://braden.machacking.net/bundle.html

The InputManagers directory on OS X gives the user the ability to
load any bundle into any application. The Obj-C runtime environment
gives code the ability to dynamically change the mapping of any
function at runtime. The combination of these two allows a bundle to
modify the behavior of any application launched by a user. This fact
is nothing new -- people have been discussing this for a while, and
other people have been using this functionality to write neat
software that modifies other software.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus