Safari and Firefox Open to Major Security Hole

Looks like there’s a big security hole in Safari (as well as Firefox) that takes advantage of the “open safe files” feature. From 4null4.de:

If this facility runs across a shell script that is missing the so-called Shebang-row, the system wont ask the user whether to execute the file automatically anymore – itll just execute it anyways. Unfortunately you can simply rename a shellscript without a Shebang-row to known-good filetype extensions like JPG or PNG and put that renamed script into a ZIP file – zipping as well an administrative file thatll connect that file with the shell. A target Mac then knows automatically how to open that file if it receives that ZIP – itll take it as totally normal to execute the jpg file with the shell.

Two easy things to avoid this problem is to move Terminal to a different location as the exploit hard codes the command line tool’s path. Also disable the safe download feature in Safari. Always be questioned and you’ll be a bit safer. And remember, never work as a root user…that’s how so many people get in trouble on Windows boxes.

[tags]firefox,safari,security hole,shebang-row,shell script,execute[/tags]