.DS_Store security issue?
-
What are the .DS_Store files used for? This was asked once before on
this list and I never saw a reply. The fact that these files are created
with mode 666 may represent a security problem. (This issue was first
raised on the XFree86 development list.) I've always been able to safely
delete them and presumably they contain some cached information for the
Desktop. However, since they are world writeable, it is possible that
they could be knowingly corrupted for some malicious purpose.
--Torrey -
> What are the .DS_Store files used for?
Yes, they're used for Finder stuff: icon positions, view options, etc. For
some strange reason they decided to keep that kind of info on a global
per-folder basis instead of per-folder-per-user, which is why it's world
writable -- anyone with permissions to look inside the folder can futz
around with view options and icon positions.
Presumably, the worst thing that could happen if someone "hax0r3d" a
.DS_Store is that the Finder would crash when trying to use the corrupt info
whenever anyone viewed the contents of the folder. If the Finder team has
been judicious in their error-checking, the worst thing that could happen is
that view options would get arbitrarily lost or screwed up... but that
already happens all the time anyways.
--
Rick Roe
Webmeister & Icon Dude
http://www.icons.cx/ -
On Friday, January 26, 2001, at 01:37 AM, Rick Roe wrote:
> Presumably, the worst thing that could happen if someone "hax0r3d" a
> .DS_Store is that the Finder would crash when trying to use the corrupt info
> whenever anyone viewed the contents of the folder. If the Finder team has
> been judicious in their error-checking, the worst thing that could happen is
> that view options would get arbitrarily lost or screwed up... but that
> already happens all the time anyways.
My Desktop crashes when trying to access / and /Users on my old system (that's why I reinstalled it on another partition) - I've already filed this and it got marked as "can't reproduce". Maybe .DS_Store got corrupted? I'll try to delete it...
andy
