Re: FUD about security and file extensions (was Re: Why file content sniffing sucks)
- From: Adam Williams <awilliam whitemice org>
- To: Charles Goodwin <charlie xwt org>
- Cc: Gnome List <gnome-list gnome org>
- Subject: Re: FUD about security and file extensions (was Re: Why file content sniffing sucks)
- Date: Fri Dec 26 12:15:02 2003
> > 1. Windows hides the .exe
> > 2. Even if windows does not have the .exe, the users are able to execute
> > attached programs.
> So you're advocating that all users know what .exe means. Oh, and .pl,
> .py, .sh, etc etc. Yes, that's really a solution... not.
> Or are you advocating that we kill email functionality by disallowing
> the manual opening of attachments to protect the user?
This debate is ludicrous.
A - You can't execute a program on UNIX that isn't set as executable.
Someone makes temporary files as executable? Not that I've ever seen.
B - If your paranoid mount /tmp and /home as "noexec". Evolution saves
temporary files in /tmp, and everything else a user writes should be in
/home.
So no problem, this doesn't have anything to do with file identification
or e-mail attachments.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
