Chris Robinson wrote:
On Tuesday 24 February 2009 8:57:23 pm Scott Ritchie wrote:
Worse, you could actively irritate them - suppose they do double click and you DONT offer the ability to open it, but instead instruct them to go through that annoying procedure.
It's hardly annoying as it takes all of two seconds (or less). It's part of normal system operation that the user will already have to deal with outside of Wine. And at least they'll know that it's something that is going to be executing, instead of simply opened/read. Trading safety for user convenience like that is a bad habit to pick up.
It takes about 2 seconds once you've learned how to do this, but this is hardly an easily discoverable task.
Regardless, when a user says "open the program" twice in a row - by clicking on it and then clicking "run this program" on the associated dialog box, I think it best we got out of their way rather than assume they actually meant "no, don't run it until I make 4 more clicks on a different tab in the preferences dialog."
Not necessarily. Along with the .desktop trojan, the blog I read also showed how to override system menu entries (by placing a replacement in the local folder which will override the system one). So the link you clicked on may not be what you intended..
But in order to do that a malicious script has to already be running! Such a system is already owned.
True enough, I suppose. It just seems unnecessary to me to special-case it since a program installed via Wine (that would have created such a menu entry) is already marked as +x. What kind of scenario would there be for a user to have a menu entry and the program its pointing to to unknowingly be -x?
Does Wine do this in all cases (mark installed executables as +x)?
Thanks, Scott Ritchie