[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: [RFC] Security and Features in KPDF
From: George Staikos <staikos () kde ! org>
Date: 2005-01-03 4:30:47
Message-ID: 200501022330.47365.staikos () kde ! org
[Download RAW message or body]
On Sunday 02 January 2005 20:44, Tobias Koenig wrote:
> > > This is really a save solution. When the user still clicks on 'Ok' and
> > > the virus/wurm is executed... well, that's the users problem. But
> > > that's the same case as when the user clicks on an unknown email
> > > attachment. Do we forbid email attachments for this reason?
> >
> > This is not always so safe, because not all users understand the
> > implications of a 1 character difference between two command lines, one
> > being safe, the other being devastating.
>
> And what's the different to a script that the user downloads from
> www.coolnewgames.com and executes it because its name is install.sh?
>
> We can't prevent the stupidity of some users, but we shouldn't impair
> other users by refusing features just because some single users have to
> click on every button that comes under their mouse...
The biggest difference is that people aren't accustomed to not being able to
trust a PDF that their application already warns about this way. They know if
you download an unsigned executable and run it, you risk getting a virus or
other such problem. I know that I wouldn't be concerned about myself running
commands in PDFs (I know enough to just say no all the time due to the
various risks), but I am concerned for others in general.
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic