[RFC] Security and Features in KPDF
Tobias Koenig
tokoe at kde.org
Mon Jan 3 01:44:56 GMT 2005
On Sun, Jan 02, 2005 at 06:55:19PM -0500, George Staikos wrote:
> On Sunday 02 January 2005 18:19, Tobias Koenig wrote:
Hi,
> > This is really a save solution. When the user still clicks on 'Ok' and
> > the virus/wurm is executed... well, that's the users problem. But that's
> > the same case as when the user clicks on an unknown email attachment.
> > Do we forbid email attachments for this reason?
>
> This is not always so safe, because not all users understand the
> implications of a 1 character difference between two command lines, one being
> safe, the other being devastating.
And what's the different to a script that the user downloads from
www.coolnewgames.com and executes it because its name is install.sh?
We can't prevent the stupidity of some users, but we shouldn't impair
other users by refusing features just because some single users have to
click on every button that comes under their mouse...
Ciao,
Tobias
--
Separate politics from religion and economy!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20050103/0cc5dee9/attachment.sig>
More information about the kde-core-devel
mailing list