On Fri, 2007-07-06 at 11:21 -0400, Christopher Aillon wrote: > [following up from a thread on the mozilla forums] > > Boris Zbarsky wrote: > > Christopher Aillon wrote: > >> Are there any hooks that the fd.o stuff is specifically lacking? > > > > Yes. What's needed is a way to have separate helpers for trusted and > > untrusted > > files. Often the same, sometimes different. > > > > e-mail programs, web browsers, etc should use the untrusted versions (and > > possibly provide UI for the user to change them, with hooks available for > > apps > > to save these user decisions). File managers should use the trusted > > versions. > > Boris makes a good point. We definitely don't want users to "open" > executables such as perl scripts with an interpreter as that is an easy > way for an attacker to do things to an unwary user's system. We need > some way to discern untrusted from trusted content. > > Looks like epiphany is doing this via > http://svn.gnome.org/viewcvs/epiphany/trunk/data/mime-types-permissions.xml?revision=7005&view=markup > > I'd argue that we should consider moving this information to fd.o, > perhaps into s-m-i itself. I'm not sure we need a separate XML file for > it, though. Perhaps we could integrate this directly into the existing > XML file?
I'd be all for having this XML file's data available. Marking untrustworthy mime-type wouldn't that much of a problem for our implementation (apart from the ABI breakage of the cache). However, you need to convince the powers that be (the people working on the mime-type spec) that it's a good idea. It is in my opinion. Waiting for comments. -- Bastien Nocera <[EMAIL PROTECTED]> _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
