[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: KMail and WINE integration - virus
From:       Bo Thorsen <bo () sonofthor ! dk>
Date:       2002-10-26 9:57:24
[Download RAW message or body]

On Friday 25 October 2002 21:29, Roger Larsson wrote:
> On Friday 25 October 2002 19.05, Thorsten Schnebeck wrote:
> > Hi!
> >
> > Maybe time for YACO (yet another config option ;-)
> >
> > Thinking of kiosk-like systems it would be nice to have an option that
> > kmail can _only_ save attachment. Or is this possible with a current
> > kmail?

I don't know if it's possible, but it sounds reasonable to me. Not just for 
kiosk systems, but also for corporate/school usage it would be nice if the 
administrator could at least be able to take away the option to run an 
executable. Personally I don't think it is a big security risk to allow 
people to always be able to open media files.

> Problem is - if you have save, and then click on the saved file.
> Then you get no notification... [That might be what happened]
>
> Should we warn everytime the user attempts to open an executable not
> residing in a trusted directory?
>
> Or develop some file level signing? (signed by local root at installation)

Definately not! You can not protect people from shooting themselves in the 
foot. If you want this type of protection then you install a mailserver 
filter that removes all executable attachments. Everything else is totally 
wrong.

Bo.

-- 

     Bo Thorsen                 |   Praestevejen 4
     Senior Software Engineer   |   5290 Marslev
     Klarälvdalens Datakonsult  |   Denmark


>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]