[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KDE and the executable bit
From:       Marc Espie <espie () nerim ! net>
Date:       2008-01-28 12:17:54
Message-ID: 20080128121754.GB8581 () lain ! home
[Download RAW message or body]

Making it easy to execute stuff just because it has an x bit
is a HUGE mistake.

Big, big security risk.

Even for total newbies, this has very surprising consequences.
This makes it real easy to hide dangerous stuff as files that don't
have the right type.

Your average user gets a .jpg file, he doesn't want it to execute just
because it has an x bit... and the user is likely NOT to look too much
at the displayed icon. Your average newbie will more or less go
`oh, this should be an image, why does this not display. let's click on it.'

I don't know about you, but I've been making fun of Windows security for
ages, precisely because most of its applications are sooo virus-friendly.

Let's NOT turn KDE into a security disaster, shall we ?
[prev in list] [next in list] [prev in thread] [next in thread]