"Once Again, Don't give it your password "
From the article and from what Phil Arundell says, it sounds like you install the script and the script requests some actions from the Remote Desktop Agent. The harmful acts are performed by the desktop agent, so that's the program you would need to change permissions to. Conversely, you could easily execute the script from anywhere without giving it your password.
So, a real security threat but one that's easy to avoid. As an OS X user, I'm hoping that we see more of these in the short term, so that Apple are forced to start being a bit more sensible about security, rather than claiming that if the kernel and most of the core libraries are secure then the OS must be.
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Review Vulture trails claw across Lenovo's touchy N20p Chromebook
- Adobe spies on readers: EVERY DRM page turn leaked to base over SSL
- Analysis The future health of the internet comes down to ONE simple question…