Now to fix archivers
Posted Feb 27, 2009 16:00 UTC (Fri) by hppnq
In reply to: Now to fix archivers
Parent article: Desktop malware risk gets raised and patched
There are two suggestions for tagging any file as untrusted in the original article: SELinux tagging and having an 'untrusted downloads file area'.
These two "tagging" methods indicate that you already know which files are trusted and which files are not trusted. So the question remains.
As to when one would restore the original bits, I suggested a dialog for doing exactly that in my original post.
And I asked the reasonable questions: what problem do you think you have solved, and how many times will you solve it?
There is nothing very insecure about a user downloading or even unpacking an archive -- except of course if you suddenly start to treat certain file attributes, like execute bits or mime types, in a new and special way.
to post comments)