Re: [LUG] virus warning - an opportunity for free ./ oss

 

On Tue, Mar 14, 2006 at 10:36:48AM +0000, Neil Williams wrote:
> 
> If I send you sillyimage.jpg.sh, a GNU email client won't pretend it's a .jpg, 
> it'll look at the content and realise it's a text file. Windows users sent 
> sillyimage.jpg.exe will just see the .jpg. Lunacy.

IIRC, Windows won't pretend it's a jpg file either. It should show the
*executable* file icon because it has the ".exe" suffix on a file named
"foo.jpg". If it showed an *image* icon next to a file called foo.jpg.bar
then that would be a bona fide design flaw to talk about. Can anyone dispute
or confirm this please?

The .jpg.exe trick is just a social engineering trick to make you
misread what the attachment actually is. You can do that with anything,
it's not the fault of the software. Think about it this way - if you
only knew what an "image" icon was, a file named foo.jpg would mean
nothing to you unless accompanied with a meaningful icon.
As long as the mail client follows Windows Explorer, then you would only
see an image icon for the file foo.jpg.jpg and not foo.jpg.exe.

I'd probably open it anyway out of curiosity though!!! ;)

> Sure, this can be turned off, but why is it on by default? If it's a default
> for Explorer windows, why is that inherited in the email client? (Duh! because
> some dunce thought it would be good for email to be processed by the same
> libraries as Explorer!)

??? But isn't that the whole point of using libraries ??? To me that
seems like saying that Mozilla shouldn't use the glibc library because
it has functions for manipulating files in it?!!

> The principal reason is that if you send a .pif, .scr, .exe, .bat etc. to 
> a Windows user, when they "open" the attachment it doesn't open in a text 
> viewer, it EXECUTES.
> 

This is what should happen because we usually want our client to perform
the immediately obvious action for random files .foo, .bar and .baz.

My Mutt email client on the other hand, is _dumb_. If I open an image, it
will happily fill my terminal with garbage. But because I added
"application/x-sh; xterm -e %s" to my mailcap, it will happily run
useful shell scripts which I have sent to myself for posterity. Yes, I
know it is an absurd argument but it makes my point that you cannot
label design features as "Lunacy" when they are doing exactly what they
are supposed to.

---

Sorry for the rant. I have to work with Windows XP and having features
taken away in the name of "security" is starting to make me a little
unhinged. My job title is "Data Expert" but I can no longer send
Microsoft Access databases to internal recipients (useful when thrashing
out the design for a bigger RDBMS, or for sharing examples). I know it
*could* be abused by someone, but I feel like I've been misjudged already.

---

Cheers,
John

Attachment: signature.asc
Description: Digital signature
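
Added example, not part of the original post: a mail-filter check that compares what an attachment's name suggests with what its leading bytes say, covering the sillyimage.jpg.exe and sillyimage.jpg.sh cases discussed in the thread. The extension lists, function names and sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed policy lists for illustration; the thread only names a few of these.
EXECUTABLE_EXTS = {".exe", ".pif", ".scr", ".bat", ".sh"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".pdf"}

def classify_attachment(filename, payload):
    """Return findings based on the name and on the leading bytes."""
    suffixes = [s.lower() for s in PurePosixPath(filename).suffixes]
    findings = []
    if suffixes and suffixes[-1] in EXECUTABLE_EXTS:
        findings.append("executable-extension")
        # An earlier, harmless-looking suffix is what invites the misreading.
        if any(s in DECOY_EXTS for s in suffixes[:-1]):
            findings.append("double-extension")
    # Content check: what the bytes say, independent of the name.
    if payload.startswith(b"MZ"):
        findings.append("pe-content")
    elif payload.startswith(b"#!"):
        findings.append("script-content")
    elif payload.startswith(b"\xff\xd8\xff"):
        findings.append("jpeg-content")
    return findings

def scan_message(raw_bytes):
    """Map each attachment filename in a raw message to its findings."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    results = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        results[name] = classify_attachment(name, part.get_payload(decode=True) or b"")
    return results

def build_sample():
    """Constructed message with three inert attachments (header bytes only)."""
    m = EmailMessage()
    m["Subject"] = "constructed sample"
    m.set_content("see attached")
    for name, data in [("sillyimage.jpg.exe", b"MZ" + b"\x00" * 16),
                       ("sillyimage.jpg.sh", b"#!/bin/sh\necho hi\n"),
                       ("foo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16)]:
        m.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return m.as_bytes()

if __name__ == "__main__":
    for name, findings in scan_message(build_sample()).items():
        print(name, findings)
```

A gateway or client can use the name-based finding to warn the recipient and the content-based finding to decide how the attachment is handled, so neither decision rests on the icon or filename alone.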