The Safari Shell Script Execution Exploit

, Feb 22, 2006

John Gruber a.k.a. The Daring Fireball has the most thorough coverage (as usual) of this Mac OS X exploit. His conclusion:

It boils down to this: you can’t safely double-click files from untrusted sources, and you never could.