Time Machine, the automated back-up system built into Mac OS X Leopard, has been justly celebrated for making the least-fun of all computer practices easy. At the touch of a button, you can find every revision of every single one of your files on hand at the time of its installation. Unfortunately, as Steven Fisher recently discovered, this comes with an ugly side effect: Even executable code can get run from Time Machine. Cool as that might sound, the consequences could be grim:
Let me give you a simple example: You find out Adium (for example) has an available exploit that the developers haven’t patched yet. You remove Adium, but it continues to exist in your backup. You visit a web page that activates the Adium bug, and Adium is launched from your backup. That you can launch Adium from your backup is not a bug. That Mac OS X will do so automatically without confirmation is a bug. The backup should be considered a vault for the user, not Launch Services.
Yikes. Rogue code is bad. Rogue code that you have to go out of
your way to re-delete from your archives? Really nasty. Apple, let’s get a fix going.
Via Daring Fireball.