|
04-22-2009, 03:30 PM
|
|
Jaguar
|
|
Join Date: Sep 2008
Posts: 89
|
|
Quote:
Originally Posted by erick2red
We can open the package with Pacifist and look into it? dont we?
Then if there's a threat, we can act in consequence.
|
Like Taisto said, you would first have to know exactly what is supposed to be there and what's not. Then you would also need to ensure that what is supposed to be there hasn't been modified in any way.
You would also have to examine any scripts ( preflight, postflight ), since you could easily include a payload in one of those scripts without modifying any of the other contents.
i.e.
Code:
mkdir -p /System/InstallAtStartup/Scripts
touch /System/InstallAtStartup/Scripts/1
cat > /System/InstallAtStartup/Scripts/1 << EOF
# Do your dirty work here with full root priviledges while system loads ;-)
EOF
What you could do from that script is only limited by your imagination - bash skills. 
BTW, I completely agree with whoever said that this should be an even bigger concern within the "OSX86" scene. That's why I think a retail install with only those mods that are absolutely necessary is the best way to go.
|