List:       kde-look
Subject:    Re: Automatically executing files
From:       Henry Stanaland <henryst () MIT ! EDU>
Date:       2001-05-26 5:10:48

Steven D'Aprano wrote:

> Henry Stanaland wrote:
> >
> > 1.)  If they click on an untrusted file called "happy.run" it's their stupidity if
> > it's bad (we can't tie people's shoes).  However, most of the time, they'll probably
> > be executing something like "quake.install" or "install.sh" which should become
> > obvious to them by the time they select "Don't show me this again"
>
> Too bad when virus writers start creating trojan horses/viruses and
> calling them "quake.install" or "install.sh".

Yes, I liked the way the example warning message on the gnome list warned
about executing something from an untrusted source.  That is really the
only thing you can do, trust the source (or compile the source...excuse the pun).


>
>
> > 2.)  We should protect them from clicking happy.image and getting an executable
> >         without their consent.  Files with registered MIME will be handled by their
> >         appropriate application.
>
> Rather than registering "non-executable" files, and passing them to
> another application, we should register "expected executables" that will
> be executed. In other words, instead of having a list of "suspicious"
> MIME types that should not be executed (eg *.image, *.text etc) we have
> a list of "less suspicious" (I won't say trusted) MIME types that are
> allowed to be executed from the GUI (eg *.exe, *.sh, *.app). The benefit
> of this is that it is easier to predict what files should be executable
> than it is to predict what files shouldn't be executable.
>
> This means if you have a file called happy.staple, and the user clicks
> it, it will open in KStapler even if the executable bit is set. Only
> "expected executable" MIME types will be executed if the user clicks on
> them.
>
> Perhaps even better we can allow two levels of expected executables:
> "common" and "unusual". Common types (eg *.exe) will simply run when
> clicked on. Unusual types will first display a dialog warning the user
> that they are about to run a program, and give them the opportunity to
> cancel the procedure if that wasn't what they expected.

Yes, this is what I mean.  We have common executables (I'm not really sure
what the usual extensions are...I can only recall .sh and .run)...but like I said
it will probably still be better to give the initial warning from whence a
user can choose "Never show this again."

I have sent the suggestion to the higher ups.

Henry
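
Added example, not part of the original message: a Python sketch of the click policy discussed in this thread, where registered data types always go to their application, only allowlisted "expected executable" types can run, and everything else is refused even with the executable bit set. The tier assignments (only *.exe is named as "common" in the thread), the handler table, the function and parameter names, and the file names other than those quoted above are assumptions.

```python
import os

# Assumed tiers: the thread names these extensions but only gives
# *.exe as an example of a "common" expected executable.
COMMON = {".exe"}
UNUSUAL = {".sh", ".run", ".app"}

# Hypothetical registry of data types and the application that opens them.
HANDLERS = {".staple": "KStapler", ".image": "image viewer", ".text": "text editor"}


def click_action(filename, exec_bit, always_warn=False, warning_dismissed=False):
    """Decide what a file manager does when the user clicks `filename`.

    always_warn models the variant in the reply: common types also get a
    first-time warning until the user picks "Never show this again"
    (warning_dismissed). Returns an (action, application) tuple.
    """
    ext = os.path.splitext(filename)[1].lower()

    # Registered data types open in their application, exec bit or not.
    if ext in HANDLERS:
        return ("open", HANDLERS[ext])

    # Nothing can be executed without the executable bit.
    if not exec_bit:
        return ("none", None)

    if ext in COMMON:
        if always_warn and not warning_dismissed:
            return ("warn_then_run", None)
        return ("run", None)

    # Unusual types always ask first (assumption: this dialog is not dismissible).
    if ext in UNUSUAL:
        return ("warn_then_run", None)

    # Executable bit set but the type is not on the allowlist: never run on click.
    return ("refuse", None)


if __name__ == "__main__":
    # Constructed sample clicks: (file name, executable bit).
    for name, xbit in [("happy.staple", True), ("happy.image", True),
                       ("setup.exe", True), ("install.sh", True),
                       ("notes.xyz", True), ("install.sh", False)]:
        print(f"{name:14} exec_bit={xbit!s:5} -> {click_action(name, xbit)}")
```

The allowlist decides only whether a click may execute a file; as both messages note, a trojan named "install.sh" still passes it, so the warning about untrusted sources remains the last check.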
