Re: head off email viruses: distinguishing documents from executables?



Carlos Perelló Marín wrote:
> True, but you should untar it before you can execute it. "The GNOME way"
> to open that tar (file-roller) will not let you execute it, only view
> the files. We should help the user, but prevent for execute files that
> he/she wants to execute...

Users are tricked into unzipping email attachments every day.  What you
want to prevent is the case where someone gets sent an email attachment
readme.tar.gz, which untars to a readme file with the execute bit set, so
that when the unwary user double-clicks it thinking it is a readme file
it executes.

You can't just blame it on the user, either; it's a real UI problem on
other platforms:  You need to give people an unmistakable way to
distinguish launching executables from opening documents (besides small
details like the icon, which are easily missed).

Steven




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]