"Once Again, Don't give it your password "
From the article and from what Phil Arundell says, it sounds like you install the script and the script requests some actions from the Remote Desktop Agent. The harmful acts are performed by the desktop agent, so that's the program you would need to change permissions to. Conversely, you could easily execute the script from anywhere without giving it your password.
So, a real security threat but one that's easy to avoid. As an OS X user, I'm hoping that we see more of these in the short term, so that Apple are forced to start being a bit more sensible about security, rather than claiming that if the kernel and most of the core libraries are secure then the OS must be.
- Updated Hidden network packet sniffer in MILLIONS of iPhones, iPads – expert
- Students hack Tesla Model S, make all its doors pop open IN MOTION
- BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
- PROOF the Apple iPhone 6 rumor mill hype-gasm has reached its logical conclusion
- US judge: YES, cops or feds so can slurp an ENTIRE Gmail account