On 21 September 2010 13:54, Remco <[email protected]> wrote: > On Tue, Sep 21, 2010 at 12:38, Luke Benstead <[email protected]> wrote: > > I'm wondering if we need this dialog at all, surely we can code in a > little > > bit of logic here. How about: > > > > If the file is executable and: > > > > 1. If the file is binary and the extension not associated to a program, > > attempt to run it > > or > > 2. If the file is text and has the #! line at the top, try to run it. Add > > "Run as a Program" and "Run as a Terminal Program" to the right click > menu > > or > > 3. If the file is text, open it in the default editor and add "Run as a > > Program" and "Run as a Terminal Program" to the right click menu > > > > That way double clicking a file will do what the user expects most of the > > time, and give the option of alternative behaviour if necessary. > > > > Thoughts? > > This may have security implications. What if the file is a malicious > bash script? GNOME attempts to help the user avoid running malicious > code. Double clicking a text file downloaded from the internet should > not be a gamble. You double click the file to study it, and suddenly > it deletes all your files. >
I did consider this, however, when you download a file from the Internet via Firefox the executable bit is turned off, you have to already consciously go and enable it otherwise double clicking the file just opens it in a text editor. The current dialog doesn't seem to be about security (otherwise there would be a warning stating that) it seems to exist because Nautilus doesn't know what you want to do with the file. > Maybe also add a clamav scan. Since many people have Wine installed, > it is even more important to scan untrusted executable files for > viruses. > > Wine applications already have to have the executable bit set to run, if you try to run it without it you will see a dialog informing you. Just to clarify, my suggestion is only for files already marked as executable, obviously adding "Run as a Program" to non-executable files is a massive security issue. Luke.
_______________________________________________ Mailing list: https://launchpad.net/~ayatana Post to : [email protected] Unsubscribe : https://launchpad.net/~ayatana More help : https://help.launchpad.net/ListHelp
