unity-design team mailing list archive

Re: Executable file dialog box...

 

On 21 September 2010 13:54, Remco <remco47@xxxxxxxxx> wrote:

> On Tue, Sep 21, 2010 at 12:38, Luke Benstead <kazade@xxxxxxxxx> wrote:
> > I'm wondering if we need this dialog at all, surely we can code in a little
> > bit of logic here. How about:
> >
> > If the file is executable and:
> >
> > 1. If the file is binary and the extension not associated to a program,
> > attempt to run it
> > or
> > 2. If the file is text and has the #! line at the top, try to run it. Add
> > "Run as a Program" and "Run as a Terminal Program" to the right click menu
> > or
> > 3. If the file is text, open it in the default editor and add "Run as a
> > Program" and "Run as a Terminal Program" to the right click menu
> >
> > That way double clicking a file will do what the user expects most of the
> > time, and give the option of alternative behaviour if necessary.
> >
> > Thoughts?
>
> This may have security implications. What if the file is a malicious
> bash script? GNOME attempts to help the user avoid running malicious
> code. Double clicking a text file downloaded from the internet should
> not be a gamble. You double click the file to study it, and suddenly
> it deletes all your files.
>

I did consider this; however, when you download a file from the Internet via
Firefox the executable bit is turned off. You have to already consciously go
and enable it, otherwise double clicking the file just opens it in a text
editor.

The current dialog doesn't seem to be about security (otherwise there would
be a warning stating that); it seems to exist because Nautilus doesn't know
what you want to do with the file.


> Maybe also add a clamav scan. Since many people have Wine installed,
> it is even more important to scan untrusted executable files for
> viruses.
>
>
Wine applications already have to have the executable bit set to run; if you
try to run it without it you will see a dialog informing you.

Just to clarify, my suggestion is only for files already marked as
executable; obviously adding "Run as a Program" to non-executable files is a
massive security issue.

Luke.
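
The decision logic proposed in this message, as an added sketch that is not code from Nautilus or from anyone in the thread. The NUL-byte test for "binary", the `associated_exts` parameter and the handling of executable binaries whose extension is associated with a program are assumptions, and the sample files are constructed.

```python
import os
import stat
import tempfile

RUN_MENU = ["Run as a Program", "Run as a Terminal Program"]

def double_click_action(path, associated_exts=frozenset()):
    """Return (default_action, extra_context_menu_items) for a double click."""
    mode = os.stat(path).st_mode
    exec_bits = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH
    if not (stat.S_ISREG(mode) and mode & exec_bits):
        # Not marked executable: open it and never offer a "Run" entry.
        return ("open", [])
    with open(path, "rb") as fh:
        head = fh.read(1024)
    ext = os.path.splitext(path)[1].lower()
    if b"\0" in head:  # assumption: a NUL byte means the file is binary
        if ext in associated_exts:
            # Case the proposal leaves open; assumed to go to the associated program.
            return ("open", [])
        return ("run", [])                      # rule 1
    if head.startswith(b"#!"):
        return ("run", list(RUN_MENU))          # rule 2
    return ("open_in_editor", list(RUN_MENU))   # rule 3

def demo():
    """Build constructed sample files and return the decision for each."""
    samples = {  # name: (content, executable bit set?)
        "tool": (b"\x7fELF\0\0", True),
        "script.sh": (b"#!/bin/sh\necho hi\n", True),
        "notes.txt": (b"plain text\n", True),
        "download.sh": (b"#!/bin/sh\necho hi\n", False),
    }
    out = {}
    with tempfile.TemporaryDirectory() as d:
        for name, (data, exe) in samples.items():
            p = os.path.join(d, name)
            with open(p, "wb") as fh:
                fh.write(data)
            os.chmod(p, 0o755 if exe else 0o644)
            out[name] = double_click_action(p)
    return out

if __name__ == "__main__":
    for name, decision in demo().items():
        print(name, decision)
```

The `download.sh` case is the one the thread argues about: with the executable bit off, the same script content is only opened and gets no "Run" entries.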
