Re: new mime detection approach



On Thu, 15 Jan 2004 08:37:15 +0100, Mattias Eriksson wrote:

> I see one security flaw with this solution and it is that the user might
> be fooled into running trojans and other kinds of evil programs. If I
> send a user an executable with a .mp3 extension or .gif extension, it is
> detected according to the suffix. The user wants to take a look at it
> and double-click the file. Now a sniff is performed and it is detected
> it is an executable and the file is run. Do we really want this?

Simple solution would seem to be always using sniffing to detect the
contents of file downloads/attachments. You typically don't have 1000
documents attached to an email so the sniffing overhead isn't an issue
there. Perhaps with a warning if the MIME type reported by the sniffer and
the MIME type reported by the email differed, with an option to choose
between them (trusting the sniffing more than the email).
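
The check proposed in this reply, sketched as an added example (not code from the thread or from any project): sniff the attachment bytes, compare the result with the type the email declares and the type the suffix implies, warn on disagreement, and default to the sniffed type. The magic table, suffix table and function names are constructed for illustration; the `executable` flag is an assumption added so a caller can decline to launch such content on double-click.

```python
import os

# Constructed magic-number table (small subset, for illustration only).
MAGIC = [
    (b"\x7fELF", "application/x-executable"),
    (b"MZ", "application/x-msdownload"),
    (b"#!", "text/x-shellscript"),
    (b"GIF87a", "image/gif"),
    (b"GIF89a", "image/gif"),
    (b"ID3", "audio/mpeg"),
]
# Constructed suffix table, standing in for suffix-based detection.
SUFFIX = {".mp3": "audio/mpeg", ".gif": "image/gif", ".sh": "text/x-shellscript"}
EXECUTABLE = {"application/x-executable", "application/x-msdownload",
              "text/x-shellscript"}


def sniff(data):
    """Return the MIME type implied by the leading bytes, or None if unknown."""
    for magic, mime in MAGIC:
        if data.startswith(magic):
            return mime
    return None


def check_attachment(filename, declared_mime, data):
    """Compare sniffed, declared and suffix types for one attachment."""
    sniffed = sniff(data)
    suffix = SUFFIX.get(os.path.splitext(filename)[1].lower())
    declared = declared_mime.split(";")[0].strip().lower() if declared_mime else None
    claims = [m for m in (declared, suffix) if m]
    # Warn only when the content is recognised and contradicts a claim.
    warn = sniffed is not None and any(m != sniffed for m in claims)
    # Trust the sniffer over the email header, and the header over the suffix.
    effective = sniffed or declared or suffix or "application/octet-stream"
    return {"sniffed": sniffed, "declared": declared, "suffix": suffix,
            "effective": effective, "warn": warn,
            "executable": effective in EXECUTABLE}


if __name__ == "__main__":
    # Constructed samples: an ELF header named like an MP3, and a real GIF header.
    samples = [("song.mp3", "audio/mpeg", b"\x7fELF\x02\x01\x01" + b"\x00" * 9),
               ("photo.gif", "image/gif", b"GIF89a\x01\x00\x01\x00")]
    for name, mime, body in samples:
        print(name, check_attachment(name, mime, body))
```
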