Safe Terminal fixes a security weakness with Mac OS X Terminal utility, when it execute shell scripts without the user permission.
If Safari "Open safe files after download" is enabled, its possible to create malicious shell scripts that will be executed by the Terminal automatically after you download them. It is also possible to create malicious shell scripts that look like a document or a folder, that will be executed by Terminal on double click without warning.
After Safe Terminal is installed, the Terminal utility will not execute any file, even if "Open safe files after download" option in Safari is enabled. However, the usage of the Terminal to type and run commands is not effected in any way.
If you are not allowed to administer this computer, or want to install only for your account, you may install into the InputManagers folder inside the Library folder inside your home folder.
To verify the installation, try to double click the file named "test.command" in the disk image. You should hear a beep and the file will not run. Without Safe Terminal a new shell window will open, and the computer will warn you about evil scripts.
Safe Terminal will not execute shell scripts, .command and .term files by double clicking or using the File>Open menu in the Finder. I believe that it is not safe enough for most users to open these files from the Finder, because the Finder will not warn you about shell scripts you never run, like it does for unknown applications.
To execute safe shell scripts in the Terminal, choose File>Open menu or Command + O in the Terminal itself, and select the file.
Copyright © 2006 Nir Soffer
License: GNU General Public License, see COPYING