Chris Robinson wrote: > On Tuesday 24 February 2009 8:57:23 pm Scott Ritchie wrote: >> Worse, you could actively irritate them - suppose they do double click >> and you DONT offer the ability to open it, but instead instruct them to >> go through that annoying procedure. > > It's hardly annoying as it takes all of two seconds (or less). It's part of > normal system operation that the user will already have to deal with outside > of Wine. And at least they'll know that it's something that is going to be > executing, instead of simply opened/read. Trading safety for user convenience > like that is a bad habit to pick up. >
It takes about 2 seconds once you've learned how to do this, but this is hardly an easily discoverable task. Regardless, when a user says "open the program" twice in a row - by clicking on it and then clicking "run this program" on the associated dialog box, I think it best we got out of their way rather than assume they actually meant "no, don't run it until I make 4 more clicks on a different tab in the preferences dialog." >>> Not necessarily. Along with the .desktop trojan, the blog I read also >>> showed how to override system menu entries (by placing a replacement in >>> the local folder which will override the system one). So the link you >>> clicked on may not be what you intended.. >> But in order to do that a malicious script has to already be running! >> Such a system is already owned. > > True enough, I suppose. It just seems unnecessary to me to special-case it > since a program installed via Wine (that would have created such a menu > entry) > is already marked as +x. What kind of scenario would there be for a user to > have a menu entry and the program its pointing to to unknowingly be -x? Does Wine do this in all cases (mark installed executables as +x)? Thanks, Scott Ritchie