Re: [Nautilus-list] Idea for Nautilus and GMC.
- From: Evandro Fernandes Giovanini <efgbr terra com br>
- To: Miguel de Icaza <miguel ximian com>
- Cc: nautilus-list eazel com, mc gnome org, prion-me-harder ximian com
- Subject: Re: [Nautilus-list] Idea for Nautilus and GMC.
- Date: 23 May 2001 22:27:25 -0300
what if someone distributes a malicious elf/a.out binary as
foo-1.5-2.i386.rpm the user will open the file with gmc/nautilus and
instead of telling the user "no viewer capable of opening this file" (or
whatever it says when someone runs a binary w/o the execute bit) it will
set the execute bit and run the file. boom!
On 22 May 2001 20:23:38 -0400, Miguel de Icaza wrote:
>
> Currently when people download executables from the network, say for
> installing software, they can not execute them because the execute bit
> is not set.
>
> So typical installation instructions for a Unix application look like
> this:
>
> 1. Click on this link to download.
> 2. Run a shell
> 3. type chmod +x file
> 4. Run
>
> Ideally, we want to avoid this problem in GNOME, and we just want
> executables to just work. As they do in Windows.
>
> So I would like to suggest that we set this bit manually if the user
> double clicks on a file that happens to have an a.out or ELF
> signature. Maybe we could popup a warning or something, but the
> result should be that files downloaded in this way would just work.
>
> Comments?
>
> Miguel.
>
> _______________________________________________
> Nautilus-list mailing list
> Nautilus-list lists eazel com
> http://lists.eazel.com/mailman/listinfo/nautilus-list
>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
