Re: Nautilus, metadata and extendet attributes
- From: Heinrich Rebehn <rebehn ant uni-bremen de>
- To: Xavier Bestel <xavier bestel free fr>
- Cc: nautilus-list gnome org
- Subject: Re: Nautilus, metadata and extendet attributes
- Date: Fri, 30 Jan 2004 11:01:34 +0100
Xavier Bestel wrote:
Le ven 30/01/2004 à 09:34, Heinrich Rebehn a écrit :
If the user decides to use "wrong" extensions, it's his decision, and if
the image viewer displays garbage because "pic.jpg" contains ascii, he
can use the file command to check what's wrong.
No. When files come from somewhere else, the user hasn't decided
anything. If nautilus does put your computer on fire when trying to
display "remote-location:///pic.jpg" because at the last moment it
decided it's an executable, the file command is completely useless.
Nautilus should *never* start an executable without permission of the
user. Don't copy this weird behaviour from Windows(tm).
Deciding on file extensions enables all sorts of mistakes and malicious
attacks, just open your eyes and look at the weekly Windows exploits.
(My eyes are open, no need for your advice)
It won't take long for exploits to emerge that fool the
mimetype-sniffing algorithm. Any algorithm can be fooled, be it
extensions or sniffing.
There is nothing specifically dangerous about file extensions. It's
Windows default configuration that causes the problems.
] [Thread Prev