Hacker News new | past | comments | ask | show | jobs | submit login

Here is how I fixed the problem for myself temporarily:

1. Quit Zoom.

2. Kill the ZoomOpener process.

3. cd ~; mv .zoomus/ .zoomus.off/

4. mkdir .zoomus && sudo chown root .zoomus; sudo chmod 600 .zoomus

Now, the Safari permission prompt will show up every time you click on a Zoom link.

It should be pointed that an empty directory (even if owned by root) placed in your home directory can still be deleted by you, without requiring root. You need to place a file into the directory.

Or if you want something drastic, run

    chflags simmutable ~/.zoomus
as root. This will make sure that not even root can delete it.

That is actually true, just tested it. There is always something new to learn!

Yeah because removing a file or empty directory only changes the table at the parent directory. So you only need the write permission of the parent directory.

This worked for me...

In order to verify that the opener was running, I ran the following command.

ps aux | grep zoom

To kill the opener I ran the following.

killall zoom

Then I followed the rest of the instructions above to create a locked down version of the directory. You could also create a file called .zoomus instead (similar to the suggestions made farther down this comment thread).

UPDATE no need to do this any more. Zoom actually conceded they were wrong and pushed out an update that removes the local webserver: https://imgur.com/gallery/INvYaH4 (from the discussion below in the thread).

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact