Re: head off email viruses: distinguishing documents from executables?

Carlos Perelló Marín wrote:

The main difference between Linux and Windows is that you must give the
execution flag to that file so it will never be executed until you allow

Hmm. When we untar an archive, its files may already come with the executable flag set.

IMHO, what we should do about GNOME desktop security is make sure it ALWAYS behaves this way.

Some important things to mention in future development are:

- Default (factory) file associations: Nautilus should never come with built-in file associations to script interpreters, say:
	- .pl to /usr/bin/perl
	- .php to /usr/bin/php
	- .sh to /bin/bash
	- .py to /usr/bin/python
and so on. This list should be extended to every file association that could lead to execution of arbitrary commands. The work of choosing an interpreter must be left to the kernel and the shell. While this not kills the entire problem (ie.: some apps have buffer overflows when processing documents), it's a nice beginning.

If the user wants to make these associations by hand, it's his problem.

Additionaly, some security audits could be done in applications such as file-roller to avoid social engineering by introducing some warnings.

Maybe GNOME needed a security team. Any toughts?

Steven, do you want to discuss this a bit more? :-)

Fabio Gomes de Souza <fabio gs2 com br> (+55 81 9127-0597)

|- IT Infrastructure :: Security :: Embedded systems :: Linux
`- Olinda, Brazil - +55 81 3492-7777 - negocios gs2 com br

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]