Convenience vs. Security I: Change Safari’s “safe” files list
This is a rewrite of an article from last year, with more clear instructions and images this time around.
Something that you should probably know about me is that my computer making my life more difficult in the name of “security” drives me utterly up the wall. At least give me the option! Things like how Windows has a nasty habit of forcing restarts overnight, causing you to lose anything you had open.. grr. More so when you change the settings to not do this and they get changed back automatically in a future update.
Listen, you jerks, did you forget whose computer this was?!
But that is a rant for another time.
One of the nicest things about Mac OS X is what I’d call “thoughtful” design. That is, you see little touches in various places that make your life easier, that make you think that the developers have thought of everything, the rough edges that you’ll run into as an everyday user.
And yet, even they’re not immune to the constant irritant of outright removing convenience in the name of security.
So, Safari. It’s a nice browser. Reasonably secure, reasonably fast, uses Webkit.
One of the nice little touches is has is that it’ll automatically open some files when they’re downloaded. If you download a .zip for instance, it’s a reasonably good bet that you want the contents extracted, so it just launches the system archive utility and away you go. Nice and smooth. If this bothers you, you can turn it off with a prominently placed check box:
Here’s the thing: What is considered a “safe” file changes from time to time.
Back in Safari 5, DMGs (disk images) were considered safe files.
Note the inclusion of “disk images” in the text.
This goes back to what I was talking about, removing convenience outright in the name of security. If I download a disk image, there is a 99.999% probability that I want to use its contents immediately.
Presumably, this was done due to the threat of malware automatically downloading to your PC and then having its disk image mounted. I’m kind of unsure what the real threat is, as long as you’re careful not to open random files on random disk images that appear on your computer unsolicited…
Thankfully, in this case, we have the ability to return that convenience on our own terms. Score one for usability!
While we can’t edit what Safari thinks a safe file is by hand, Mac OS has two very cool features we can use to work around this silliness. AppleScript, and Folder Actions.
- AppleScript is, as the name implies, a scripting language which is tied deeply into the operating system.
- Folder Actions is a feature where you can tie AppleScripts into folders and have them do things when files are added, removed, or modified.
See where this is going? We’re going to make an AppleScript that opens certain files placed into our Downloads folder automatically.
The first thing you should do is open up your AppleScript editor. This will be under Utilities in your Applications folder.
AppleScript is pretty simple, yet pretty powerful. You’ll notice that it sounds a lot like english. The hardest part is spelling “receiving” correctly
Paste this block of text into your AppleScript editor:
on adding folder items to this_folder after receiving added_items
repeat with this_item in added_items
tell application "Finder"
if name extension of this_item is "dmg" then
end adding folder items to
It should be relatively obvious what happens here. Whenever an item gets added to our folder, Finder is told to open the file if it’s a .dmg.
Now we need to make this a folder action. Save your script as something memorable, like “Open folder contents on add” then move it into the Folder Actions folder. You can find this under /Library/Scripts/Folder Action Scripts. (You’ll be prompted for your password here.)
This will make the script you just created ready for the next step.
Now, you need to find your user folder. The simplest way to do this is to click Downloads in the sidebar, then right-click and hit “Show enclosing folder”.
Right click on Downloads in the main window now, go to Services, and select “Folder Actions Setup…”
As soon as you click on this, you’ll be prompted for “Choose a script to attach”. The script you just saved will be in this list. Click it, and hit attach.
Once you do this, simply close the window. Now it’s time to test.
If you’re like me, you’ll have a ton of junk in your downloads folder already. Grab a disk image file from there and throw it onto your desktop.
Then, move it back into downloads. As soon as you hear the “sproing”, the disk image window should come up in a couple of seconds.
This may take a bit longer to work than usual the very first time.
And you’re done! Any time you download a disk image from now on, it automagically opens. The way it always should.