El sáb, 31-01-2004 a las 04:18, Julien Olivier escribió: > > Is that a bad joke ? I get nearly *one hundred* Windows virus daily > > which exploit the fact that stupid people encoded metadata into the > > filename. > > What we are ALL waiting for are examples of how using file extensions > the way Nautilus plans to do it (in cooperation with sniffing) could be > dangerous. > If extensions are used for determining file types but sniffing is used when files are clicked, shell scripts can pass by. I don't know if Nautilus executes shell scripts upon clicking, but this is not the point. If users have associated Windows executable files with WINE, for example, wine will run files whether they have extensions or not, as long as they are PE (portable executable) files. Users can then receive something masquerading as a picture, but upon run, discover that their files are gone. That the risk is 1-in-100000 does not matter. The point is that encoding file type information in the file name is wrong. To a big extent, files already "know" which file type are themselves, the problem is that the file manager is slow in determining file types because it has to sniff. Extensions are just a hack, not a proper file type specification. The current status quo is, therefore, a hack. Unknowing users will always trample on that hack in the most unexpected way. I myself have intended to rename files and kill the extension in the process. That's exactly why Windows Explorer hides extensions by default. And if Nautilus goes that route to avoid "user stupidity" (which is actually programmer stupidity) we'll end up with the same situation as with Windows Explorer. Besides, it's about time I should be able to have OpenOffice files on my folders that don't have an extension, yet they open properly when I double-click them. Get the point? > Please please please... tell us ! -- Manuel Amador (Rudd-O) GPG key ID: 0xC1033CAD at keyserver.net
Attachment:
signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada digitalmente