Focus on Apple
Re: .dmg file exploit Nov 21 2006 09:08PM
mfossi securityfocus com (2 replies)
Re: .dmg file exploit Nov 22 2006 03:05AM
Jason (security brvenik com) (1 replies)
Re: .dmg file exploit Nov 22 2006 04:04PM
Martin Roesch (roesch sourcefire com)
Re: .dmg file exploit Nov 21 2006 09:49PM
Roland Dobbins (rdobbins cisco com) (2 replies)
DNSSEC validation Sep 24 2008 07:20PM
Dave Piscitello (dave corecom com)
Re: .dmg file exploit Nov 22 2006 03:25PM
mfossi securityfocus com (1 replies)
Re: .dmg file exploit Nov 22 2006 04:04PM
Roland Dobbins (rdobbins cisco com) (1 replies)
Re: .dmg file exploit Nov 22 2006 06:02PM
Martin Roesch (roesch sourcefire com) (3 replies)
Re: .dmg file exploit Nov 22 2006 11:25PM
Eric Hall (securityfocus darkart com)
On Wed, Nov 22, 2006 at 01:02:18PM -0500, Martin Roesch wrote:
> I agree, there really is no good mitigation strategy for this one
> right now, disabling the checkbox in safari just buys you time until
> you mount the DMG manually. Apple needs to provide a long term fix
> for this.
>
> If there was a sufficiently enterprising individual or group out
> there I'm sure that there's got to be a way to intercept Finder when
> someone double clicks on a file and validate the file before handing
> it off to the automounter. Unfortunately, my OS X systems
> programming skills aren't really up to snuff at this point so all I
> can do is wax profound on how useful that would be...
>
> -Marty
>

I believe the right places to look are

/Applications/Utilities/Disk\ Utility.app/Contents/Frameworks/DUSupport.framework

and

/System/Library/PrivateFrameworks/DiskImages.framework

I was poking around at DMG mounting a bit ago and it appeared
to require the former (which links in the latter) when double-clicking a DMG
in the Finder.

-eric

[ reply ]
Re: .dmg file exploit Nov 22 2006 06:40PM
Jeramey Valley (ValleyJR mps k12 mi us) (1 replies)
Re: .dmg file exploit Nov 22 2006 08:23PM
Martin Roesch (roesch sourcefire com) (1 replies)
Re: .dmg file exploit Nov 22 2006 10:44PM
stephen joseph butler (stephen butler gmail com)
Re: .dmg file exploit Nov 22 2006 06:37PM
Roland Dobbins (rdobbins cisco com) (1 replies)
Re: .dmg file exploit Nov 22 2006 08:29PM
Martin Roesch (roesch sourcefire com) (2 replies)
Re: .dmg file exploit Nov 23 2006 04:12AM
K F \(lists\) (kf_lists digitalmunition com)
Re: .dmg file exploit Nov 22 2006 08:45PM
Roland Dobbins (rdobbins cisco com) (1 replies)
Re: .dmg file exploit Nov 23 2006 10:15AM
Simon Slavin (s slavin lancaster ac uk) (1 replies)
Re: .dmg file exploit Nov 23 2006 07:53PM
K F \(lists\) (kf_lists digitalmunition com) (1 replies)
Re: .dmg file exploit Nov 23 2006 09:30PM
Howard Oakley (h oakley btconnect com) (1 replies)
Re: .dmg file exploit Nov 24 2006 03:12AM
K F (lists) (kf_lists digitalmunition com) (1 replies)
Re: .dmg file exploit Nov 24 2006 03:05PM
Simon Slavin (s slavin lancaster ac uk) (1 replies)
Re: .dmg file exploit Nov 24 2006 03:51PM
David Maynor (dmaynor gmail com) (1 replies)
Re: .dmg file exploit Nov 24 2006 03:56PM
Simon Slavin (s slavin lancaster ac uk)


 

Privacy Statement
Copyright 2010, SecurityFocus