KDE and the executable bit

Marc Espie espie at nerim.net
Mon Jan 28 12:17:54 GMT 2008


Making it easy to execute stuff just because it has an x bit
is a HUGE mistake.

Big, big security risk.

Even for total newbies, this has very surprising consequences.
This makes it real easy to hide dangerous stuff as files that don't
have the right type.

Your average user gets a .jpg file, he doesn't want it to execute just
because it has an x bit... and the user is likely NOT to look too much
at the displayed icon. Your average newbie will more or less go
`oh, this should be an image, why does this not display. let's click on it.'

I don't know about you, but I've been making fun of Windows security for
ages, precisely because most of its applications are sooo virus-friendly.

Let's NOT turn KDE into a security disaster, shall we ?




More information about the kde-core-devel mailing list