So, a README file in a medical CD launches Terminal?

[SKYLANE]

I had a calcium scoring about two months back, the Medical Office gave me a CD with the data afterwards. I took the data home and opened the CD on my 2014 Mac (Monterey). On the CD, I saw a README file (had no extension), now that I look at it again the icon is a black square with green letters in upper left corner of icon: exec Thinking it was just going to pop up with some text explaining details of the CD I double clicked it, this followed:

The README file launched what I believe to be Terminal or maybe Console (something else?), not sure what was happening since I was just expecting some text to come up with details of the CD. I was greeted with following (copied from a screenshot):



Last login: Wed Jul 24 17:18:19 on console
/Volumes/Untitled/README ; exit;
mycomputername@mycomputer-name ~ % /Volumes/Untitled/README ; exit;

Saving session...
...copying shared history...
...saving history...truncating history files...
...completed.
Deleting expired sessions... 9 completed.

[Process completed]



Looking at another screenshot, I think this was part of it too but do not recall for sure... ( I replaced alphnumeric details with "@" and numeric details replaced with "#")



MediaUID-'#.#.###.#.#.#######.#.##.#.#.#########.####.##########.#"
MediaID="@#_@@@@@@@@_@@@@"
Server="unknownSite/@@@@@@@#"
Creator="remote:##.##.#.###"
Time="Tue Jun 18 12:56:25 PDT 2024"
CheckSum="###@##@#@#@@##@@@###@#@##@####"



Maybe this README icon was meant to be opened on a PC? In any case, looking at it again, thought I would drop it here for reactions. I haven't seen any odd behavior on my Mac since, but after revisiting this I am still left was a question mark in my head. I have no idea what any of that is...

[Diana]

Macs will “hide” the file extension, and the file type will be shown in the icon. If the instrument that created the files truly doesn’t give an extension, or labels it with something the Mac doesn’t recognize it defaults to an “exe” file: it sees it as an executable, like a program file. Hence, when you launched it it ran something (I’m surprised it ran something at all).

Change the file extension to “txt” and it will (should) become readable to you upon opening it.

[TheCaber]

Default permissions on ANY file created on any microsoft platform are u=rwx,g=rwx,o=rwx (anybody can read, write and execute the file (search, if a directory/folder). That is what you received on the CD, and loaded on your MacOS machine. That README file was an executable shell script; when you double-clicked it, it was opened and EXECUTED (see permissions above). Not a good choice when dealing with any non-MacOS file.

As Diana said, you could right-click and OPEN the file in a text editor (TextEdit.app is default) and read the contents before committing the execution. I have some idea what went on, but the shell script could have modified/replaced/removed itself before exiting. The same behavior is exhibited by many of the exploits seen in the wild on most non-MacOS/Unix/Linux (looking at YOU micro$oft).

If you feel like copy/pasting the script into a reply, I could take a look at it.

(P.S. I hope the calcium scoring results were OK for you, regardless)