Re: [Nautilus-list] Idea for Nautilus and GMC.

From: Evandro Fernandes Giovanini <efgbr terra com br>
To: Miguel de Icaza <miguel ximian com>
Cc: nautilus-list eazel com, mc gnome org, prion-me-harder ximian com
Subject: Re: [Nautilus-list] Idea for Nautilus and GMC.
Date: 23 May 2001 22:27:25 -0300

what if someone distributes a malicious elf/a.out binary as
foo-1.5-2.i386.rpm the user will open the file with gmc/nautilus and
instead of telling the user "no viewer capable of opening this file" (or
whatever it says when someone runs a binary w/o the execute bit) it will
set the execute bit and run the file. boom!


On 22 May 2001 20:23:38 -0400, Miguel de Icaza wrote:


Currently when people download executables from the network, say for
installing software, they can not execute them because the execute bit
is not set.

So typical installation instructions for a Unix application look like
this:

      1. Click on this link to download.
      2. Run a shell
      3. type chmod +x file
      4. Run

Ideally, we want to avoid this problem in GNOME, and we just want
executables to just work.  As they do in Windows.  

So I would like to suggest that we set this bit manually if the user
double clicks on a file that happens to have an a.out or ELF
signature.  Maybe we could popup a warning or something, but the
result should be that files downloaded in this way would just work.

Comments?

Miguel.

_______________________________________________
Nautilus-list mailing list
Nautilus-list lists eazel com
http://lists.eazel.com/mailman/listinfo/nautilus-list

Follow-Ups:
- Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.
  - From: Miguel de Icaza
- Re: [Nautilus-list] Idea for Nautilus and GMC.
  - From: Cesar Cardoso
- Re: [Nautilus-list] Idea for Nautilus and GMC.
  - From: Zak McGregor

References:
- Idea for Nautilus and GMC.
  - From: Miguel de Icaza

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]