On Wed, Mar 15, 2017 at 6:07 PM, Andrew Morgan <[email protected]> wrote: > I was thinking about the UX and UI of how a user would mark a file as > untrusted/always open in a DispVM. In the original issue there were some > debates on how a user would know/could mark a file as untrusted and I've > come up with the following potential solution:
You may wish to re-read the link in my earlier mail: On Fri, Mar 10, 2017 at 3:22 PM, Jean-Philippe Ouellet <[email protected]> wrote: > There are standardized extended filesystem attributes [1] which are > widely adopted now, and should be a good starting point for > implementing this. > > [1]: https://www.freedesktop.org/wiki/CommonExtendedAttributes/ > > > Example: > $ getfattr -d genode-foundations-16-05.pdf > # file: genode-foundations-16-05.pdf > user.xdg.origin.url="https://genode.org/documentation/genode-foundations-16-05.pdf"; These attributes are set automatically by many programs which produce files from untrusted sources (browsers, email clients, etc.), meaning you likely do not need to worry about a way to set them manually, but rather a way to determine how to handle them when they are found. Other systems (non-linux) do this too (IIRC OS X sets com.apple.quarantine or something), and presumably windows has its equivalent too (although after actively avoiding using windows for nearly the past decade, I find that I know little about it ;) The task then would be to extend qfilecopy [1] to transfer these attributes, and possibly translate them into the equivelant windows versions if you wish to support windows. WIndows support would certainly be great, but I'd aim for getting it working on linux first. [1]: https://www.qubes-os.org/doc/qfilecopy/ -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/CABQWM_C--yv17seYjHDY2ocP%3Dx9JVd2EjKdr9S1kTA9PvUEdtg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
