The Trojan program.. isn't that vulnerability easy to fix?

Discussion in 'Mac Programming' started by Archmagination, Feb 16, 2006.

  1. Archmagination macrumors regular

    Dec 15, 2004
    A lot of people are making a fuss about about this program.. looking at it I thought didn't do much and it would be easy to fix the hole it exploits.

    I think(I have about a 2 years programming, but I haven't programmed in awile so I may be wrong) to fix the altering of the programs like Camino, Google Earth, etc all that is needed is a simple check that calls up the admin password request screen IF an outside application is trying to alter the internals of the another application. That should stop the Trojan from being able to alter the code of an application unless the user wishes that application code changed.

    I haven't really studied system programming at all so I am not sure how easy this would be and how well it will work.. Can anyone tell me how viable this solution is?
  2. joshysquashy macrumors 6502a

    May 13, 2005
    Or a password required the first time any application or script is run, with a check box for

    "never ask for a password for this application again"

    that would be a simple solution, a bit like on windows, you get asked if you want to run any program.
  3. ChrisBrightwell macrumors 68020


    Apr 5, 2004
    Huntsville, AL
    Be weary of "image files" asking for passwords?
  4. caveman_uk Guest


    Feb 17, 2003
    Hitchin, Herts, UK
    To stop this particular trojan you could not run as an admin user (stops the messing about with the /Applications folder) and set restrictive permissions on your ~/Library/InputManagers folder.

    Basically I think input managers was such an obvious target for a virus that a warning should come up if anything tries to install anything in there. Input Managers have valid uses but the attraction of getting your code injected into every running app is too great to a virus writer.

Share This Page