Re: Nautilus, metadata and extendet attributes

From: Frank Worsley <fworsley shaw ca>
To: Xavier Bestel <xavier bestel free fr>
Cc: Heinrich Rebehn <rebehn ant uni-bremen de>, "Manuel Amador (Rudd-O)" <amadorm usm edu ec>, Olaf Frączyk <olaf cbk poznan pl>, nautilus-list gnome org
Subject: Re: Nautilus, metadata and extendet attributes
Date: Sat, 31 Jan 2004 12:14:29 -0800

> > Would you PLEASE care to show us an example? Your statement does not 
> > become true by repeating it a dozen times!
> 
> Is that a bad joke ? I get nearly *one hundred* Windows virus daily
> which exploit the fact that stupid people encoded metadata into the
> filename.

I think I know what you mean, but it's still not likely to happen with
the new mime detection approach, at least not on a standard setup.

On Windows an email virus spreads by attaching a file like
"letter.doc.vbs" to the mail. Users quickly look at the filename, only
see the "letter.doc" part, and decide to open the file. Windows sees the
.vbs extension and opens the file with the VB Script interpreter. Voila,
you've just run a script on the system. The same goes for .js, .exe,
.com, .bat, .com, .cmd, and other extensions.

However, this couldn't happen on a standard Linux setup because a file
doesn't get executed unless the execute bit is set. Luckily you can't
include file permissions in an attachement, so to run a file the user
has to first save it to disk, manually set the execute permissions, and
then double-click it.

So, imagine someone attaches a file called "balance sheet.gnumeric" that
is actually a shell script. If you save the file to disk and
double-click it, Nautilus will perform the content sniffing. It now
either decides it still is a Gnumeric file and opens it in Gnumeric, or
Nautilus will detect it's a shell script and open it in a text editor. I
just tested with Nautilus 2.4.1 and if a shell script is not set
executable, then Nautilus just opens it in my text editor and doesn't
even give me the choice to run it.

Of course, a user might directly associate their interpreter with script
files using the control center. If Nautilus performs sniffing and finds
out the Gnumeric file is actually a Perl script and then opens it with
the associated Perl interpreter, you would be in trouble. This is even
worse than on Windows, since even an alert user wouldn't notice anything
is wrong until he at least selected the file to force content sniffing
to happen.

I think some consideration should be put into how we handle the case
where the extension and sniffed file type don't match. I think a warning
dialog would be appropriate in this case.

- Frank

References:
- RE: Nautilus, metadata and extendet attributes
  - From: Manuel Amador (Rudd-O)
- Re: Nautilus, metadata and extendet attributes
  - From: Heinrich Rebehn
- Re: Nautilus, metadata and extendet attributes
  - From: Xavier Bestel
- Re: Nautilus, metadata and extendet attributes
  - From: Olaf Frączyk
- Re: Nautilus, metadata and extendet attributes
  - From: Manuel Amador (Rudd-O)
- Re: Nautilus, metadata and extendet attributes
  - From: Olaf Frączyk
- Re: Nautilus, metadata and extendet attributes
  - From: Manuel Amador (Rudd-O)
- Re: Nautilus, metadata and extendet attributes
  - From: Heinrich Rebehn
- Re: Nautilus, metadata and extendet attributes
  - From: Xavier Bestel

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]