Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.
- From: Vladimir Vukicevic <vladimir ximian com>
- To: Miguel de Icaza <miguel ximian com>
- Cc: Dan Winship <danw ximian com>, nautilus-list eazel com, mc gnome org, prion-me-harder ximian com
- Subject: Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.
- Date: 24 May 2001 19:04:31 -0400
On 24 May 2001 17:42:56 -0400, Miguel de Icaza wrote:
> Dan Winship wrote:
> >
> > If you do that, then Evolution, and any other app that uses the MIME db,
> > will transparently start handling executables too.
>
> You make a good point showing how little I thought about the issue.
> And look again like a dumb rock by not being able to walk the entire
> chain of thought.
>
> But I think that we can still implement this for Nautilus, while
> keeping Evolution safe. The trick is to make Evolution treat
> specially the `application/x-executable' MIME type.
>
> It makes sense to do treat this in Evolution as a special case since
> Evolution and mail will be the target of attacks anyways, and we can
> not trust information that has been sent to us.
I still don't see the utility in adding hacks into evolution to
special-case this. Will the same happen with application/x-rpm? And
application/x-scripting-language? I still maintain that having the user
have to manually set the execute bit will at least force them to
actually have to -do- something that will hopefully make them realize
that they either know what they're doing or they don't. It's such a
small thing that can possibly prevent a large amount of headache.
I would hate to have this small "fature" that the large majority of
users won't ever have to deal with... instead they can follow the
intructions that say to right-click on the file and select properties,
but oh wait, that won't work until everyone uses Nautilus or gmc.. how
does konqueror handle this? or efm? Or someone who doesn't use a file
manager? So in the end, all the sites that have such binaries
(installers, mostly), will still end up telling users to chmod +x. And
users will do that, not knowing that they can double-click on the file
and have it magically work. Instead, the people who -didn't- know about
this "feature" will be screwed.
Doing this is going to open up the way for a purely GNOME virus.
- Vladimir
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]