Security issue: Bridge script loading not verified

  • Problem
  • Updated 2 months ago
Problem Description: Removing user scripts and then adding different ones does not alert the user to approve the new scripts. This is a security risk as scripts are executable code that can silently move, delete, email, or ftp files. Malware could easily swap scripts out.

Apparently Bridge caches the script names so even a quit and relaunch between doesn't help.

Steps to Reproduce:
1. Add a script to the Startup Scripts folder
2. Launch Bridge and approve the new script
3. Open the Startup Scripts folder and remove the test script. Replace with a different script using the same name.
4. Quit and relaunch Bridge

Actual Result: No alert to user

Expected Result: Scripts should be checksummed when added and then verified at each launch. The user should be alerted to changes.

Any Workarounds: None.


David Converse

Posted 2 months ago
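
The checksum-and-verify behaviour requested under "Expected Result", sketched as an external check (an added example, not Adobe's code and not part of the original post). The folder and manifest paths are assumptions supplied by the caller, and the sample files in the demo are constructed.

```python
import hashlib
import json
from pathlib import Path


def snapshot(folder):
    """Map each file name in the scripts folder to the SHA-256 of its bytes."""
    return {
        p.name: hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(Path(folder).iterdir())
        if p.is_file()
    }


def approve(folder, manifest):
    """Record the current folder contents as the user-approved baseline."""
    Path(manifest).write_text(json.dumps(snapshot(folder), indent=2))


def verify(folder, manifest):
    """Compare the folder with the approved baseline and return what differs."""
    path = Path(manifest)
    approved = json.loads(path.read_text()) if path.exists() else {}
    current = snapshot(folder)
    return {
        "added": sorted(set(current) - set(approved)),
        "removed": sorted(set(approved) - set(current)),
        # Same name, different bytes: the case a name-only cache misses.
        "changed": sorted(
            name for name in current.keys() & approved.keys()
            if current[name] != approved[name]
        ),
    }


if __name__ == "__main__":
    import tempfile

    with tempfile.TemporaryDirectory() as tmp:
        scripts = Path(tmp, "Startup Scripts")  # constructed stand-in folder
        scripts.mkdir()
        manifest = Path(tmp, "approved.json")   # hypothetical manifest location
        (scripts / "test.jsx").write_text('alert("one");')  # constructed sample
        approve(scripts, manifest)
        (scripts / "test.jsx").write_text('alert("two");')  # swapped, same name
        print(verify(scripts, manifest))
```

The manifest only helps if it is stored somewhere that whoever can write to the scripts folder cannot also rewrite, otherwise a swapped script can ship with a matching baseline.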


David Converse

This includes duplicate script names from outside of Startup Scripts. So, a script called "bridge-8.jsx" will silently load when put into Startup Scripts, and will work.

I can write a script that silently autoruns this way.

David Converse

Save this as "bridge-8.jsx" and add to Startup Scripts folder. It will show an alert (possibly a few times) on launch.

This duplicates a script that is installed by Adobe and autoloads.


---------------------

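#target bridge;
if (BridgeTalk.appName == 'bridge') {
    // Handler fires on Bridge events; it reacts only to Document objects.
    onCreateDocument = function (event) {
        if (event.object instanceof Document) {
            // Drop the most recently added handler so the alert stops repeating.
            app.eventHandlers.pop();
            alert("Testing");
            return { handled: true };
        }
    };

    // Register the handler with Bridge.
    app.eventHandlers.push({ handler: onCreateDocument });
}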

---------------------