Welcome: AppMenuBoy 1.0 is up on the Mac Playground
1 view
Skip to first unread message
David Phillip Oster
Apr 30, 2008, 12:04:15 PM4/30/08
to AppMenuBoy
AppMenuBoy 1.0 is up on the Mac Playground. This posting is just to
put something in the discussion section of this Google Group. Maybe
there's some interest in extending AppMenuBoy.
put something in the discussion section of this Google Group. Maybe
there's some interest in extending AppMenuBoy.
Gonzie
May 1, 2008, 12:06:15 PM5/1/08
to AppMenuBoy
Hi David
thanks for approving my membership of your group.
I have a potential feature request which hopefully should expand it's
scope from "yet another application menu"
an application installer
if your using your Mac as you should be (separate admin account while
you use a normal account with no limits) installing applications can
be a pain
"the problem"
drag an app over to the applications folder provide admin details all
is good, however it's not… not really as from a security point of view
the file permissions of the application you've just "installed" are
wrong the file will still be owned by you, inside that app will be
writable by you. some apps install with even worse permissions giving
a writable area to all and sundry.
my proposed feature would be that the dock icon of the application
become a gateway for apps to be installed, drag the app or folder onto
the dock icon up pops a request for admin permissions complete that
and appmenuboy will copy it to the application folder with correct
permissions in one smooth move
correct permissions in my opinion would be Owner Root: Read Write and
Execute | Group: Admin Read Write and Execute | Everyone Read and
Execute but that would be open to debate, I'm just going by properly
installed applications already on my Mac (iLife, quicktime for
example)
I'd also like to see if possible when you clicked the dock icon it
would open the application folder rather than bring the app into focus
but little idea if that's possible. oh and icons in the dock menu :)
cheers
Gonzie
On Apr 30, 5:04 pm, David Phillip Oster <DavidPhillipOs...@gmail.com>
wrote:
thanks for approving my membership of your group.
I have a potential feature request which hopefully should expand it's
scope from "yet another application menu"
an application installer
if your using your Mac as you should be (separate admin account while
you use a normal account with no limits) installing applications can
be a pain
"the problem"
drag an app over to the applications folder provide admin details all
is good, however it's not… not really as from a security point of view
the file permissions of the application you've just "installed" are
wrong the file will still be owned by you, inside that app will be
writable by you. some apps install with even worse permissions giving
a writable area to all and sundry.
my proposed feature would be that the dock icon of the application
become a gateway for apps to be installed, drag the app or folder onto
the dock icon up pops a request for admin permissions complete that
and appmenuboy will copy it to the application folder with correct
permissions in one smooth move
correct permissions in my opinion would be Owner Root: Read Write and
Execute | Group: Admin Read Write and Execute | Everyone Read and
Execute but that would be open to debate, I'm just going by properly
installed applications already on my Mac (iLife, quicktime for
example)
I'd also like to see if possible when you clicked the dock icon it
would open the application folder rather than bring the app into focus
but little idea if that's possible. oh and icons in the dock menu :)
cheers
Gonzie
On Apr 30, 5:04 pm, David Phillip Oster <DavidPhillipOs...@gmail.com>
wrote:
David Phillip Oster
May 1, 2008, 1:16:26 PM5/1/08
to AppMenuBoy
Gonzie,
I partially agree with you: dragging an app into /Applications
causes Finder to ask for your admin credentials, then _move_ (not
_copy_) the app to the new location, leaving the permissions of the
individual pieces the way they were.
This would potentially allow me to modify the app while it is in use
by another user of my computer, which could be a vector for malware:
Once you copy an app to /Applications, you could edit its permissions
to remove write access either on the command line with something like:
chmod -R -w "Google Notifier.app"
or using Get Info in the Finder.
But this doesn't fix the security hole, since malware could just
change the protections back.
This atttack scenario:
User 1 with the admin password could install an innocuous app, then
run some piece of malware (malA) that rewrites that app to be malware
(malB), which, when user 2 is using the machine, and runs what he
thinks is an innocuous app, then malwareB can work its will.
while, if ownership of the innocuous app had been changed to Admin at
install time, then malA couldn't modify it.
The real fix is to give up ownership. And you might as well give
ownership to the admin account, since the administrator account could
modify it no matter what you set the permissions to.
> some apps install with even worse permissions giving a writable area to all and sundry.
Yes, but some of those that do this do it because the app won't run
otherwise. File bug reports with the authors and wait for updates
before using them.
BUT this isn't AppMenuBoy's job.
* I really like drag installs - I think they are a key part of the
Macintosh experience.
* As a user, I just have a symbolic link in /Applications called "3rd
party Apps" that links to a folder of _my_ apps. That way I don't have
to worry that a system upgrade will blow away something not from Apple
that I care about.
* I don't want to be in the installer business.
* I don't want to be responsible for apps stopping working because I
changed their permissions. (The fact that the app was buggy in the
first place doesn't count: the user will see my program as breaking
their app.)
* As a user, I wouldn't trust an installer app I downloaded from some
random site on the net: What is it really doing?
On the other hand,
> I'd also like to see if possible when you clicked the dock icon it
> would open the application folder rather than bring the app into focus
Easy. Thanks, Will do. You know, I'm so used to clicking and holding
on AppMenuBoy's dock icon (or right clicking) that I didn't notice
that a simple single click doesn't bring up the menu.
Technical details: in response to a re-open apple event, send the
Finder an appleEvent to open and reveal the Applications window.
tell application "Finder"
open POSIX file "/Applications"
end tell
> but little idea if that's possible. oh and icons in the dock menu :)
I tried. You can see my frustration in the original source code: I
make the same system calls to build the dock menu as I do to build the
menu bar menu. In the menu in the menu bar, the icons work. In the
Dock menu, those same calls are ignored.
I partially agree with you: dragging an app into /Applications
causes Finder to ask for your admin credentials, then _move_ (not
_copy_) the app to the new location, leaving the permissions of the
individual pieces the way they were.
This would potentially allow me to modify the app while it is in use
by another user of my computer, which could be a vector for malware:
Once you copy an app to /Applications, you could edit its permissions
to remove write access either on the command line with something like:
chmod -R -w "Google Notifier.app"
or using Get Info in the Finder.
But this doesn't fix the security hole, since malware could just
change the protections back.
This atttack scenario:
User 1 with the admin password could install an innocuous app, then
run some piece of malware (malA) that rewrites that app to be malware
(malB), which, when user 2 is using the machine, and runs what he
thinks is an innocuous app, then malwareB can work its will.
while, if ownership of the innocuous app had been changed to Admin at
install time, then malA couldn't modify it.
The real fix is to give up ownership. And you might as well give
ownership to the admin account, since the administrator account could
modify it no matter what you set the permissions to.
> some apps install with even worse permissions giving a writable area to all and sundry.
otherwise. File bug reports with the authors and wait for updates
before using them.
BUT this isn't AppMenuBoy's job.
* I really like drag installs - I think they are a key part of the
Macintosh experience.
* As a user, I just have a symbolic link in /Applications called "3rd
party Apps" that links to a folder of _my_ apps. That way I don't have
to worry that a system upgrade will blow away something not from Apple
that I care about.
* I don't want to be in the installer business.
* I don't want to be responsible for apps stopping working because I
changed their permissions. (The fact that the app was buggy in the
first place doesn't count: the user will see my program as breaking
their app.)
* As a user, I wouldn't trust an installer app I downloaded from some
random site on the net: What is it really doing?
On the other hand,
> I'd also like to see if possible when you clicked the dock icon it
> would open the application folder rather than bring the app into focus
on AppMenuBoy's dock icon (or right clicking) that I didn't notice
that a simple single click doesn't bring up the menu.
Technical details: in response to a re-open apple event, send the
Finder an appleEvent to open and reveal the Applications window.
tell application "Finder"
open POSIX file "/Applications"
end tell
> but little idea if that's possible. oh and icons in the dock menu :)
make the same system calls to build the dock menu as I do to build the
menu bar menu. In the menu in the menu bar, the icons work. In the
Dock menu, those same calls are ignored.
David Phillip Oster
May 1, 2008, 1:30:23 PM5/1/08
to AppMenuBoy
AppMenuBoy is open source, under the Apache license. Feel free to
fetch the source and use pieces of it in something else.
fetch the source and use pieces of it in something else.
Gonzie
May 1, 2008, 7:20:06 PM5/1/08
to AppMenuBoy
the thing is, if your trying to replicate the application style folder
and menu of tiger dragging things onto the dock icon to copy it to the
application folder is something it did/should do considering it should
be replacing the dock stack (which does pretty much the same thing)
the permission thing was just a theory i had in my head and wondered
if it would actually be a useful feature to someone other than myself
and thought it would actually expand the app beyond what everyone else
is doing/have done. generally the auto change in permissions would be
configurable but with the right setting as default with maybe a tick
box to say yes adjust the permissions or something
features should be
right click menu of applications (check)
left click opens application folder in finder
drag icon onto dock icon copies item to application folder
as much as i'd like to go diving into source code and programming and
altering this stuff myself, i'm not a programmer just a theory guy
On May 1, 6:16 pm, David Phillip Oster <DavidPhillipOs...@gmail.com>
wrote:
and menu of tiger dragging things onto the dock icon to copy it to the
application folder is something it did/should do considering it should
be replacing the dock stack (which does pretty much the same thing)
the permission thing was just a theory i had in my head and wondered
if it would actually be a useful feature to someone other than myself
and thought it would actually expand the app beyond what everyone else
is doing/have done. generally the auto change in permissions would be
configurable but with the right setting as default with maybe a tick
box to say yes adjust the permissions or something
features should be
right click menu of applications (check)
left click opens application folder in finder
drag icon onto dock icon copies item to application folder
as much as i'd like to go diving into source code and programming and
altering this stuff myself, i'm not a programmer just a theory guy
On May 1, 6:16 pm, David Phillip Oster <DavidPhillipOs...@gmail.com>
wrote:
David Phillip Oster
May 5, 2008, 4:56:22 PM5/5/08
to AppMenuBoy
On May 1, 4:20 pm, Gonzie <m.gree...@gmail.com> wrote:
> the thing is, if your trying to replicate the application style folder
> and menu of tiger dragging things onto the dock icon to copy it to the
> application folder is something it did/should do considering it should
> be replacing the dock stack (which does pretty much the same thing)
> the permission thing was just a theory i had in my head and wondered
> if it would actually be a useful feature to someone other than myself
> and thought it would actually expand the app beyond what everyone else
> is doing/have done. generally the auto change in permissions would be
> configurable but with the right setting as default with maybe a tick
> box to say yes adjust the permissions or something
>
> features should be
>
> right click menu of applications (check)
> left click opens application folder in finder
> drag icon onto dock icon copies item to application folder
>
> as much as i'd like to go diving into source code and programming and
> altering this stuff myself, i'm not a programmer just a theory guy
>
Hmm. Now that I see what you are asking, it wouldn't be hard to do.
> the thing is, if your trying to replicate the application style folder
> and menu of tiger dragging things onto the dock icon to copy it to the
> application folder is something it did/should do considering it should
> be replacing the dock stack (which does pretty much the same thing)
> the permission thing was just a theory i had in my head and wondered
> if it would actually be a useful feature to someone other than myself
> and thought it would actually expand the app beyond what everyone else
> is doing/have done. generally the auto change in permissions would be
> configurable but with the right setting as default with maybe a tick
> box to say yes adjust the permissions or something
>
> features should be
>
> right click menu of applications (check)
> left click opens application folder in finder
> drag icon onto dock icon copies item to application folder
>
> as much as i'd like to go diving into source code and programming and
> altering this stuff myself, i'm not a programmer just a theory guy
>
I just, personally, don't like your left-click feature, and as a user
I would never have discovered your drag feature. (I always treat the
Applications folder as sacred to Apple, and put applications
elsewhere, with only an alias to them in the Applications folder.)
Gonzie
May 5, 2008, 6:23:54 PM5/5/08
to AppMenuBoy
well everyone uses their computer differently but i really think that
left clicking the app should open the application folder just like
that stack does now and the dock item in tiger does
On May 5, 9:56 pm, David Phillip Oster <DavidPhillipOs...@gmail.com>
wrote:
left clicking the app should open the application folder just like
that stack does now and the dock item in tiger does
On May 5, 9:56 pm, David Phillip Oster <DavidPhillipOs...@gmail.com>
wrote:
Reply all
Reply to author
Forward
0 new messages