Re: Why file content sniffing sucks
- From: "Jason A. Pfeil" <pfeil 10east com>
- To: Blomberg David <dblomber Libertec com>
- Cc: Charles Goodwin <charlie xwt org>, Geoffrey <esoteric 3times25 net>, Elliot Lee <sopwith redhat com>, nautilus-list gnome org, gnome-devel-list gnome org, Gnome List <gnome-list gnome org>
- Subject: Re: Why file content sniffing sucks
- Date: Mon Dec 29 09:59:17 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 26 Dec 2003, Blomberg David wrote:
> File extensions are one of the largely abused areas in Windows that
> crackers abuse to trick users into running trojans. We should not bring
> the same system here (If you want file extensions use them many linuxes
> and unixs look them up) but dont impose the false sense of security on
> users - well it said it was a PNG but it ran a perl script that
> formatted my drive. Ease of use (or to blindside the unsuspecting) need
> not enter here.
That's not necessarily the case. It would be rather simple for GNOME to
*verify* that the file extension matches the file content when the file is
accessed. That would add a level of user interaction which would help to
minimize the risk. The problem with this line of thought is that we are
trying to save the user from himself. That is just not possible. Enough
information should be given to the user, augmented with clear warnings about
what they are about to do, to help users make the right decision. That is
a much cleaner approach and does not have the software trying to make the
decision for the user.
Quite often, in Windows, I change the extension on a file so that it will
be opened by a different application. That is not possible when the software
decides what is best for me.
- --Jason
>
> On Thu, 2003-12-25 at 06:22, Charles Goodwin wrote:
> > On Wed, 2003-12-24 at 20:39, Geoffrey wrote:
> > > Personally, I think extension approaches suck. Then again, I've been a
> > > UNIX guy for 25 years. I think that maybe the file determination needs
> > > to be refined.
> > >
> > > Actually, the best solution would be to support both and let the user
> > > choose.
> >
> > Yes, but hasn't the HIG taught you anything? :P
> >
> > Which should be the default if this is supported?
> >
> > I think file content is the _right_ method, but if it's blocking usage
> > of Nautilus then it is being _badly_ implemented. It should just chug
> > along in the background, detecting the files and repainting the icons
> > without interrupting the user.
> >
> > - Charlie
>
- --
Jason A. Pfeil
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/8EBOF7j4r5hBUugRAhunAJ9Xv4gzh0ZXOTW4MxyubiVHUY88vQCgtFNH
8+Xb6wCQDa2F08somiNaWe4=
=HKNR
-----END PGP SIGNATURE-----
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]