Quark XPress Installer Flaw

From the security-is-a-rich-tapestry file: Macintouch readers are reporting that the Mac OS X Quark Xpress installer changes permissions of every file in the /Applications directory to world read/write/execute. Thus far there are no obvious exploits for this bug, but it does demonstrate that even non-security related applications can have security flaws. All software developers need to think about how to secure their applications, not just those in the security space.
By Chris on March 30, 2005 9:47 AM |