On Friday 25 October 2002 21:29, Roger Larsson wrote:
> On Friday 25 October 2002 19.05, Thorsten Schnebeck wrote:
> > Hi!
> >
> > Maybe time for YACO (yet another config option ;-)
> >
> > Thinking of kiosk-like systems it would be nice to have an option tha=
t
> > kmail can _only_ save attachment. Or is this possible with a current
> > kmail?

I don't know if it's possible, but it sounds reasonable to me. Not just f=
or=20
kiosk systems, but also for corporate/school usage it would be nice if th=
e=20
administrator could at least be able to take away the option to run an=20
executable. Personally I don't think it is a big security risk to allow=20
people to always be able to open media files.

> Problem is - if you have save, and then click on the saved file.
> Then you get no notification... [That might be what happened]
>
> Should we warn everytime the user attempts to open an executable not
> residing in a trusted directory?
>
> Or develop some file level signing? (signed by local root at installati=
on)

Definately not! You can not protect people from shooting themselves in th=
e=20
foot. If you want this type of protection then you install a mailserver=20
filter that removes all executable attachments. Everything else is totall=
y=20
wrong.

Bo.

--=20

     Bo Thorsen                 |   Praestevejen 4
     Senior Software Engineer   |   5290 Marslev
     Klar=E4lvdalens Datakonsult  |   Denmark

 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<