automator skepticism

Posted:
in macOS edited January 2014
automator seems like it could be a huge potential security leak... bringing outside scripts into your system, ummmmm....

Comments

  • Reply 1 of 7
    Quote:

    Originally posted by CDonG4

    automator seems like it could be a huge potential security leak... bringing outside scripts into your system, ummmmm....



    Automator does not seem more dangerous than Applescript to me!

    And I never heard about major security issues with Applescript. I might be wrong, though...
  • Reply 2 of 7
    costiquecostique Posts: 1,084member
    There is no greater security risk than installing any applications. Any application may potentially be a troyan horse which can wipe out your home folder, be it iTunes.app, an AppleScript, a shell script or an Automator script.
  • Reply 3 of 7
    buonrottobuonrotto Posts: 6,368member
    Isn't Automator just visual Applescripting? You pick the app, the scripting dictionary is basically what's shown on the left, and you create a workflow among actions and apps on the right.



    This is another feature I thought would be linked to the Finder in a more significant way, like the way the Panther finder has Folder actions available.
  • Reply 4 of 7
    hmurchisonhmurchison Posts: 12,145member
    That's right. Automator will need some sort of protection. However I'm not sure Applescript can delete things for you. If so then that is definitely a danger. Perhaps it needs to have a warning system when something destructive happens.
  • Reply 5 of 7
    amorphamorph Posts: 7,112member
    There are indeed some lingering security issues with AppleScript, and the AS team has been engaged in a delicate high-wire act balancing security with convenience: AppleScripters don't like having unsolicited dialog boxes popping up willy-nilly.



    AppleScript can move, rename, alter and delete files, launch, quit and manipulate applications and windows, etc. In fact, that's basically why it exists.



    Suffice it to say that the AS team is aware of problems, and their audience on the mailing lists is more than happy to make them aware of any problems they haven't acknowledged. Just to be absolutely clear, I'm not saying that people should be complacent. I'm saying that people have not been complacent, and they are not being complacent, and this is a good thing.



    Obviously, no-one wants AppleScript to get hijacked the way VBScript and ActiveX were. It's used for way too much serious work.
  • Reply 6 of 7
    kickahakickaha Posts: 8,760member
    Quote:

    Originally posted by BuonRotto

    Isn't Automator just visual Applescripting? You pick the app, the scripting dictionary is basically what's shown on the left, and you create a workflow among actions and apps on the right.



    This is another feature I thought would be linked to the Finder in a more significant way, like the way the Panther finder has Folder actions available.




    Why linked to the Finder? The Finder is Just Another App(tm) in OS X... treat it as such. Going to the *Finder* to set up *AppleScripts* is just weird. Linking an AppleScript to a folder, sure, that's Finder territory. But just setting up the workflow? Nope.
  • Reply 7 of 7
    buonrottobuonrotto Posts: 6,368member
    I was thinking more of the latter, I just didn't chose my words well.
Sign In or Register to comment.