←back to thread

Malicious versions of Nx and some supporting plugins were published

(github.com)
441 points longcat | 2 comments | 27 Aug 25 01:38 UTC | HN request time: 0.551s | source
Show context
vorgol ◴[27 Aug 25 13:00 UTC] No.45039050[source]
OSs need to stop letting applications have a free reign of all the files on the file system by default. Some apps come with apparmor/selinux profiles and firejail is also a solution. But the UX needs to change.
replies(5): >>45039375 #>>45040698 #>>45041459 #>>45041809 #>>45045968 #
terminalbraid ◴[27 Aug 25 13:26 UTC] No.45039375[source]
Which operating system lets an application have "free reign of all the files on the file system by default"? Neither Linux, nor any BSD, nor MacOS, nor Windows does. For any of those I'd have to do something deliberately unsafe such as running it as a privileged account (which is not the "default").
replies(6): >>45039776 #>>45039798 #>>45039824 #>>45040322 #>>45040368 #>>45040974 #
1. SoftTalker ◴[27 Aug 25 14:39 UTC] No.45040368[source]
How many software installation instructions require "sudo"? It seems to me that it's many more than should be necessary. And then the installer can do anything.

As an administrator, I'm constantly being asked by developers for sudo permission so they can "install dependencies" and my first answer is "install it in your home directory" sure it's a bit more complexity to set up your PATH and LD_LIBRARY_PATH but you're earning a six-figure salary, figure it out.

replies(1): >>45043050 #
2. ezfe ◴[27 Aug 25 18:15 UTC] No.45043050[source]
Even with sudo, macOS blocks access to some User-accessible locations:

% sudo ls ~/Pictures/Photos\ Library.photoslibrary

Password:

ls: /Users/n1503463/Pictures/Photos Library.photoslibrary: Operation not permitted