Re: head off email viruses: distinguishing documents from executables?

After discussion with Steven off-list, I want to say that I agree with
him. Currently, Nautilus allows users to launch executable binaries (not
scripts) without any warning. What does that mean ?

It means that if you receive an email containing from someone who
appears to be a friend of yours, with an attached archive (zip or tgz
for example), this archive could contain binary files with the exec bit
set. Of course, a well-educated user would never run a binary files
contained in an archive if he isn't 100% sure what it is. But, to avoid
the case of non-educated users, I think it would be better to have
Nautilus warn users (using a dialog and a "don't ask me anymore"
checkbox) that executing binaries can be dangerous for themselves.

Who would that hurt ? I mean, who launches binaries directly from
Nautilus ? The normal way for launching programs is using a .desktop
file or using a terminal.

Another solution could be to prevent Nautilus from (directly) executing
binaries that are located in user-writable places. That way, you still
can (directly) run program located in -say- /usr/bin, but you can't
launch a program located in ~/ or in /tmp.

There is a second point: it's possible to create a .desktop file
displaying "my-photo.jpg", and actually running "rm -rf ~/". If you
create such a .desktop file, name it "my-photo.jpg.desktop", attach it
in an email and send it to someone running GNOME, it could happen that
your "friend" saves this attachement on his desktop and launches it
thinking it's a picture.

So, wouldn't it be safe to display a warning before launching .desktop
files too ? With two exceptions: .desktop files located in locations
where user can't write (/usr/share/applications for example) and
.desktop files created by the user using "create launcher". Nautilus
could, for example, keep a list of "safe" .desktop files and warn users
before running launchers which are not in this list.

Am I paranoïd ?

Julien Olivier <julo altern org>

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]