
Careful With Apple’s New Swift Playground – Run-As-You-Type Can Be Dangerous!

While Apple’s new Swift Playground is an excellent feature that beginning developers are sure to love, one developer has discovered a highly dangerous flaw in the system: the run-as-you-type nature of Playground can erase your hard drive.

9to5Mac reports that developer Steve Troughton-Smith has discovered that the app isn’t sandboxed, which means entered code can do pretty much anything it wants. If you enter the code shown in the above tweet, it will delete every file on your hard drive. The real-time nature of Playgrounds means that you don’t even have to press ENTER to start the erasing process!

Apple is sure to fix this issue, but until then, be very careful what you enter in the Playground, and also be wary of running any Swift scripts you may find on the web unless you know what they do.

  1. Bruno Philipe says:

    This is idiotic! You can do this in any language, with or without REPL…

    1. Someone says:

      But not without pressing enter.

  2. Kakubei says:

    It won’t erase every file on your hard drive; it will erase every file inside your user’s home folder. That’s what the little squiggly thing (tilde) means. As pointed out by Bruno, this is a stupid thing to do in any language.

    1. Yes, but not in every language is everything evaluated as soon as you type it, and from what I understand that’s how Playground works.

      1. Kakubei says:

        Not to start a flame war over this… post, but in what context, while programming, would you ever type something like that? Ever? Even as a test? Even to find out what the `rm -rf` command does?

        Maybe the point is Apple should check for dangerous commands in Playground, that’s fine, but I still find the example a bit… (searching for another euphemism) silly.

        1. Of course, this example is rather extreme, but that’s the thing you should be aware of. Lots of people have executed a ‘delete’ SQL query, forgetting to add a ‘where’ clause…
