User: Password:
|
|
Subscribe / Log in / New account

Now to fix archivers

Now to fix archivers

Posted Feb 27, 2009 23:43 UTC (Fri) by liljencrantz (guest, #28458)
In reply to: Now to fix archivers by hppnq
Parent article: Desktop malware risk gets raised and patched

Ok. Rereading your comment, it still seems to me that my interpretation is by far the more natural one. But let's move on.

The simple answer to the question of how many times the question should be asked is simple: As long a no executable file is created, zero. If an executable file is created, the user should be prompted for confirmation once. The exception to this is with .desktop files, for which the prompt is shown when the file is first executed, and not when saved. Preferably, when a user is asked for confirmation and and gives it, the untrusted flag should be stripped; if the file is indeed evil, the damage is already done.

As for evil RPM:s, they are already handled by the package managers of today - packages that are not signed by a known key will not install without an extra override switch.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds