Re: Why file content sniffing sucks



On Fri, 2003-12-26 at 14:37 +0100, Ingo Ruhnke wrote:

> > Hmmm, great options there.
> > How do you ID the following files
> >
> > "README"
> 
> plain-text, filename is enough for a guess
> 
> > "wine"
> 
> executable, detected by executable bit set.
> 
> > "my-sexy-picture.jpg"
> >
> > Hmmm, dunno, dunno, oh jpg...whoops, no, it was an executable trojan
> > renamed to a jpg to trick me into running it.
> 
> Guess on the suffix and open it in an image viewer, I don't see the
> problem. The only really brokenness of windows is that it hides
> suffixes at default, which is really evil.

Ah, so now we're not only guessing on suffix, we're guessing on suffix,
full filename, and executable permissions.

What happens if README has its executable bit set.
Or wine doesn't have its executable bit set for my user?
Or what happens if wine was simply a list of wines I wanted to buy for
the new years party, and actually has mimetype text/plain?

> > It is not an "optional feature" and doesn't need to be.
> 
> This makes Nautilus pretty much unusable once you get in contact with
> filetypes that it doesn't already know, which happens for me every
> other day.

Maybe if you filed a bug report with these unknown filetypes.
But no, bitching about it on a mailing list is far simpler.

iain
-- 




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]