Re: Document Centricity in GNOME [LONG]



(sent only to gnome-gui)

I *really* like the "Open Safely" idea.

Franck Martin wrote:

> You cannot expect every single piece of software to make the difference
> between running the code and not running it.

In the case of macros/scripting embedded in documents, you can and you
should expect applications to be designed with security in mind.  Even
Microsoft gives users the ability to turn off Word macros.  Plus, "Open
Safely" could be the equivalent of "gless BIG_NASTY_WARNING_FILE &&
application" for the insecure apps, which would have the added benefit
of pressuring the application writer to actually provide some security.

In the case of documents that are pure code (like shell scripts), "Open
Safely" can be the same as "Open" which should open the file in the
user's favorite pager.  "Run" should actually execute it.

IMHO "Open Safely" is absolutely wonderful because its very presence
immediately informs users that "just opening" a document isn't 
necessarily safe, and that one should take precautions when dealing with 
files from untrusted sources.

The only problem is liability... if "Open Safely" mistakenly opens a
file unsafely or if a bug in the application is exploited, some very
pissed off users might think they have good reason to sue, because they
were told they were safe.

> IMHO the best solution is to dissociate at file level the code from
> the document. It will allow documents to be sent with their code
> attached as a separate document. Mail software will be able to filter
> the document from its code, and forbid any script or code to go
> through, providing users the possibility to view the document without
> the danger of running unknown code.

(assuming I understand you correctly...)

So we can't expect software that lets us disable potentially harmful
features, but we can require that everyone design their file types in
such a way that the "code" is in a separate file?  Please explain how
you plan to get Microsoft, the rest of the software industry, and the
entire free software community to agree to this.

In any case, your idea seems to be exactly the same as "Open Safely"
except it also puts extreme limitations on file design, something that
GNOME cannot control.

-- 
Brian F. Kimball



