Some thoughts about extensions and mime types
- From: Olaf Frączyk <olaf cbk poznan pl>
- To: nautilus-list gnome org
- Subject: Some thoughts about extensions and mime types
- Date: 03 Feb 2004 11:36:51 +0100
What I understand from previous mails is that we need robust and safe
file type detection.
So I think:
It doesn't matter if type is putted as extension or inside of file. Both
can be changed by attacker or virus creator. And simple sniffing can be
So I don't think that tagging a file with a file-type by application is
good solution. It has the same flaws as tagging with file extension.
To have secure type-file detection we need File Type Detector (FTD) on
local computer. It has to be run as root to be able to read all files.
It has to examine every file and such examination has to be really
reliable (much more that sniffing today). FTD has to maintain secure
database. In such database we need: filename (full path), mtime, ctime,
When a file is examined DFT will put in this database these data, so we
will know if a file was changed after it was examined.
The database can be:
- external - any kind of database optimized for this task
- internal - this requires changes in filesystem. But it would be the
fastest solution, I think. What I mean here, would be adding a secure
(writable only by root) space in directory (similar to that one which
currently contains filenames in directories, but is not secure).
Then if we want to open a directory from filemanager we would just check
(for every file) the database if the file has file type description, and
if it is out of date or it is not present, we would ask FDT to check
this file. With internal (in directory) database it should be as fast as
normal directory opening.
The real problem is when opening file by application. There is always a
risk, that somebody has changed content of the file, just between we see
it in nautilus and before the application opened it.
The only solution for this problem I can think, is mandatory locking for
writing. An application opens file, locks it for writing, asks DFT if
the file type is still valid (not out of date), if not, it asks DFT to
re-examine this file.
] [Thread Prev