'branches/KDE/3.5/kdewebdev/doc/kommander'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    branches/KDE/3.5/kdewebdev/doc/kommander
From:       Eric Laffoon <sequitur () kde ! org>
Date:       2008-02-13 6:03:35
Message-ID: 1202882615.808456.5363.nullmailer () svn ! kde ! org
[Download RAW message or body]

SVN commit 774371 by sequitur:

Explain executable bit security measures

 M  +11 -0     basics.docbook  


--- branches/KDE/3.5/kdewebdev/doc/kommander/basics.docbook #774370:774371
@@ -118,4 +118,15 @@
 <para>To learn more about the language syntax, commands and how to use the text \
editor, consult the upcoming chapters and check the examples shipped with the \
&kommander; source.</para>  </sect1>
 
+<sect1 id="exec-bit">
+<title>Executable bit - new in 1.3</title>
+<para>
+For security reasons we introduced the executable bit requirement in version 1.3. \
Some will applaud this as long overdue. Others will consider it a terrible annoyance \
or even too scarey to use. Unfortunately there is no perfect solution. The problem is \
that you can download a Kommander dialog from anywhere or get one in your email and \
click on it and run it by accident. Because Kommander can run shell scripts it is \
sort of in an odd place. While other applications don't nag you this way you actually \
had to install them so clearly you felt safe and intended to run them. A single line \
of shell scripting could permanently wipe out your home directory. Our intent is to \
eliminate an accidental click on an untrusted dialog. We aplogize for any \
inconvenience, but there is no way to do this to even the developer's satisfaction \
that it will not annoy you while keeping you safe.  +</para>
+<para>
+You are not prevented from running a dialog, just nagged. You can make it go away by \
using a file manager or the shell to set the executable bit. Right click on the \
dialog in Konqueror, select properties from the menu, choose the permissions tab and \
check the <quote>is executable</quote> checkbox. Now the nag will be gone from this \
dialog forever. Check our web site for a tool that searchesfor &kommander; dialogs \
and allows you to review them and choose whether any or all of them should have the \
bit set. To use the shell and make all the &kommander; dialogs in a directory \
executable use this command. <command>chmod u+x *.kmdr</command> +</para>
+<warning><para>Do not set dialogs as executable if you are not confident of their \
origin.</para></warning> +</sect1>
+
 </chapter>


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic