On Mon, Jan 28, 2008 at 02:23:32PM +0200, Andras Mantia wrote:
> On Monday 28 January 2008, Marc Espie wrote:
> > Your average user gets a .jpg file, he doesn't want it to execute
> > just because it has an x bit...

> Let me know how the average user gets a jpg file with the x bit...

You have your security backwards.

Most attack scenarios involve quite a few intermediate steps. Blocking them only requires that you remove one intermediate step.

You just need to focus on the actual issue. Assume your average user gets a file that looks like a jpg (or some other MIME-type), and that has the executable type. If you execute that blindly, then you will be part of some attacks.

Executing `surprising' files is a bad idea, as Windows has proved times

> And again, what if the average user gets a compiled file, and .sh file
> which does rm -rf $HOME ?

This is less surprising. At least, compiled files without any other MIME-Types don't masquerade as anything else...

At some point, there's probably sense in not blindly executing shell scripts... after all, everyone filters out .pif files by this point....
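
The check argued for in this message, sketched as an added example that is not part of the original thread or of any project's code: a file-manager open policy that never treats the x bit alone as a reason to execute, and refuses program content hiding behind an image name. The function names, the extension list, the "ask" outcome for scripts and the sample files are assumptions made for illustration.

```python
import os
import stat
import tempfile

# Well-known leading bytes of passive image formats and of runnable content.
DATA_MAGIC = {b"\xff\xd8\xff": "jpeg", b"\x89PNG\r\n\x1a\n": "png", b"GIF8": "gif"}
PROGRAM_MAGIC = {b"\x7fELF": "elf", b"#!": "script"}
DATA_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}  # names users expect to be images

def sniff(path):
    """Classify a file by its first bytes, ignoring its name."""
    with open(path, "rb") as fh:
        head = fh.read(16)
    for magic, kind in {**DATA_MAGIC, **PROGRAM_MAGIC}.items():
        if head.startswith(magic):
            return kind
    return "unknown"

def open_action(path):
    """Hypothetical open policy: returns 'view', 'ask', 'execute' or 'refuse'."""
    has_x = bool(os.stat(path).st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))
    kind = sniff(path)
    named_as_data = os.path.splitext(path)[1].lower() in DATA_EXTENSIONS
    if not has_x or kind not in PROGRAM_MAGIC.values():
        return "view"      # the x bit alone never turns data into a program
    if named_as_data:
        return "refuse"    # program content behind an image name: the surprising case
    if kind == "script":
        return "ask"       # assumption: scripts get a confirmation, not a blind run
    return "execute"       # ELF binary that does not pretend to be anything else

def demo():
    """Build constructed sample files in a temp dir and return the decisions."""
    samples = {  # name: (content, mode), all constructed for this example
        "holiday.jpg": (b"\xff\xd8\xff\xe0" + b"\0" * 12, 0o755),
        "invoice.jpg": (b"#!/bin/sh\necho constructed\n", 0o755),
        "tool": (b"\x7fELF" + b"\0" * 12, 0o755),
        "backup.sh": (b"#!/bin/sh\necho constructed\n", 0o755),
        "notes.sh": (b"#!/bin/sh\necho constructed\n", 0o644),
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (content, mode) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(content)
            os.chmod(path, mode)
            results[name] = open_action(path)
    return results
```

`demo()` returns one decision per sample file; only `invoice.jpg`, a script with an image name and the x bit, is refused.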