Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.
- From: Miguel de Icaza <miguel ximian com>
- To: Dan Winship <danw ximian com>
- Cc: nautilus-list eazel com, mc gnome org, prion-me-harder ximian com
- Subject: Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.
- Date: 24 May 2001 15:36:17 -0400
> And for the gazillion and oneth time on the other side: IT DOESN'T
> MATTER. It doesn't matter how many warnings the user gets. It doesn't
> matter how dire they are. You can pop up a dialog that says "If you
> proceed, your children will be kidnapped, tortured, and murdered", and
> *THEY'LL STILL CLICK "OK"* because they want to see the funny joke
> they've been promised is in the attachment. This has been demonstrated
> time and time again in the Outlook world. The so-called "security fixes"
> for Outlook have done almost nothing to slow the spread of viruses.
And we keep talking about Outlook. How many virus/trojans can you
track down in recent history on programs you downloaded from the
network and ran `accidentally' because they had the .exe extension?
Yes, it is a potential hole, but if they downloaded the software from
a web site, and the web site instructs them to do `chmod +x file' to
`see the joke', how is this different from them clicking on the OK
button? It is not.
> Here's another scenario. I send out a message with two attachments
> "foo.jpg" and "foo-no-security-bit.jpg". The first contains random data,
> the second contains a trojan horse. I mention in the message that some
> versions of Evolution don't properly handle the "security bit" in the
> first image, so I've also attached a second copy without the security
> bit set. Recipient tries to view the first attachment, but it doesn't
> work (cause it's random data). User then tries to view the second
> attachment, the exe handler warns that he's trying to execute a binary
> without the security bit set, and the user clicks "ok", because after
> all, the message already told him to expect that, right? Boom.
You can also send an e-mail saying `please drag the /bin directory
into the trashcan and everything will work just fine'. People who
dont know will also follow the instructions and ignore warnings.
> If you feel comfortable shipping the exe-handler without a warning
> dialog, well, then, go ahead, I guess (but please don't tie it into
> gnome-vfs!). But don't kid yourself into believing that a warning
> message will make it any more secure.
Who said I would ship without a warning? Jesus guys, why dont you go
read the source code I posted before making those claims?
The source code I posted contains the warning message before changing
the execution bit.
> PS - Oh, and not all OSes use ELF/a.out. You need something more
> generic.
I can add support to those very easily. Give me the signature for
anything you want supported and it will be added.
Love,
Miguel.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]