PDA

View Full Version : The Trojan program.. isn't that vulnerability easy to fix?




Archmagination
Feb 16, 2006, 02:26 PM
A lot of people are making a fuss about about this program.. looking at it I thought didn't do much and it would be easy to fix the hole it exploits.

I think(I have about a 2 years programming, but I haven't programmed in awile so I may be wrong) to fix the altering of the programs like Camino, Google Earth, etc all that is needed is a simple check that calls up the admin password request screen IF an outside application is trying to alter the internals of the another application. That should stop the Trojan from being able to alter the code of an application unless the user wishes that application code changed.

I haven't really studied system programming at all so I am not sure how easy this would be and how well it will work.. Can anyone tell me how viable this solution is?



joshysquashy
Feb 16, 2006, 02:41 PM
Or a password required the first time any application or script is run, with a check box for

"never ask for a password for this application again"

that would be a simple solution, a bit like on windows, you get asked if you want to run any program.

ChrisBrightwell
Feb 16, 2006, 03:10 PM
Can anyone tell me how viable this solution is?Be weary of "image files" asking for passwords?

caveman_uk
Feb 17, 2006, 02:46 AM
To stop this particular trojan you could not run as an admin user (stops the messing about with the /Applications folder) and set restrictive permissions on your ~/Library/InputManagers folder.

Basically I think input managers was such an obvious target for a virus that a warning should come up if anything tries to install anything in there. Input Managers have valid uses but the attraction of getting your code injected into every running app is too great to a virus writer.