On Thu, Jan 25, 2007, Stanislav Brabec wrote:
> But because pattern "*.jpg " has no MIME association, shared-mime-info
> offers no warning, that file which conforms defined magic but does not
> have name in form "*.desktop" is suspicious.
>
> glob pattern and magic in shared mime info mean: Recognize MIME type, if
> file has suffix OR file conforms magic. In this case, we need AND (or
> remove magic at all).
Yes, I agree with the analysis. FYI, I was pointed at how the Xfce
file manager works around this:
/* check if the file tries to look like a regular document (i.e.
* a display name of 'file.png'), maybe a virus or other malware.
*/
fake_mime_info = thunar_vfs_mime_database_get_info_for_name
(_thunar_vfs_mime_database, str);
if (fake_mime_info != _thunar_vfs_mime_application_octet_stream &&
fake_mime_info != info->mime_info)
{
/* release the previous mime info */
thunar_vfs_mime_info_unref (info->mime_info);
/* set the MIME type of the file to 'x-thunar/suspected-malware' to
indicate that
* it's not safe to trust the file content and execute it or otherwise
operate on it.
*/
info->mime_info = thunar_vfs_mime_database_get_info
(_thunar_vfs_mime_database, "x-thunar/suspected-malware");
/* reset the executable flag */
info->flags &= ~THUNAR_VFS_FILE_FLAGS_EXECUTABLE;
/* reset the custom icon */
g_free (info->custom_icon);
info->custom_icon = NULL;
/* reset the name str, so we display the real file name */
name = NULL;
}
So, I suppose the same could be done for gnome-vfs/nautilus but I am
not sure where the relevant code is.
--
Loïc Minier <[EMAIL PROTECTED]>
_______________________________________________
xdg mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/xdg
