Description: Some time ago I downloaded some Commercial Application. It was a standalone installation program like Star office or Commercial Games often use. I tried to install the app by clicking on what I downloaded but nothing happened. I tried the same as root and again nothing append. At the time I didn't know what to do so I gave up. Later I realised that I had to change permissions to "execute" and it worked instantly. Even as a normal User. This experience made me think of this dialog. It pops up if you own the file but the permissions don't let you use it. In any other case the dialog wont popup. If the User try's to open a file from a different User account it also won't popup. I post my Idea here because I want to hear some comments on this.
belze
PS: there is nothing to download. This is just an idea to discuss.
This is basically a good idea.
And it doesn't necessarily
have to be a security hazard:
By default there should be just
a message:
This file is not executable.
If you want to run it you have
to change its permissions by
doing bla,bla. Be aware that
executing files of unknown origin
can be a security hazard.
There should be a somewhat
"hidden" option in the control
panel which enables a more
complex dialog letting you
directly change permissions.
This should be off by default.
Whoever finds this option
in the Control Panel and enables
this should know what he's doing.
Another approach that one could take that would be more integrated with the way that KDE handles files at the moment would be to make it part of the "open with" dialogue.
If you click on an unknown octect stream or something that KDE recognises as a binary, and you own it but it doesn't have executable permissions, then clicking on it should bring up a dialogue asking you how you would like to open the file, but rather than providing the 'open with' dialogue it ought to ask you if you would like to try executing the file, with a stern security warning, and a pointer to the permissions dialogue for the future.
I don't think security through obscurity (making people manually change permissions) is the best idea, since all you are doing is making life difficult for those who won't find the permissions dialogue (usually through not being motivated enough to look), and not providing any warning to those who will. Why not provide the functionality to all, and a warning to all?
Just yesterday I was trying to overwrite a file... but it just wasn't working, then I realized I didn't have "write" permissions on it. This kind of thing would be helpfull.
Someone sends you a unknown file with an email. You click at the icon and oops, your homedirectory is empty. Shit happens.
Don't make the same mistakes a they where made on windows. If you want to execute a file, change the permissions manually.
Security first.
Well that could happen I supose. But then again there could be a Warning saying that Opening unknown Fils could be dangerus.
The mauel Change of rights doesent make it safer. If the User knows what he can do, he will do it. If the User doesent he might be glad to get help from the System.
Not a bad idea.
One thought occurs to me: if a user is inexperienced enough not to know about the executable bit, giving them the option of adding it for "others" might be kind of risky. It's not likely, but still.
If it were my utility, I would remove the "expanded" part of the dialog and have it default to doing just u+x or ug+x.
Maybe they find thier way anyway but we shouldn't make it easier for them.
If a user wants to execute a file he should do it manually. If his homedirector then gets deleted by a worm or a virus, maybe next time he thinks twice before he changed the permissions of a unknown file to executable and executes it.
But what when this is some kind of unrecognized file and you want to open it with f.ex. kwrite?
Now you click on it and a dialog asks you with which program you want to open it. How can this work together with your suggestion?
A solution _could_ be, adding another button to the "open with" dialog which is called "execute itself/directly/whatever".
Or did I understand you wrong? :-)
The Open With and changing permission don't have anything to do with each other.
If you have Read permissions the dialog won't aperar.
If you don't have read Permissions the dialog will popup befor the "opening with" dialog will come.
It is more a warning message.
"The Open With and changing permission don't have anything to do with each other."
Actually, they do; when you click on a file which doesn't have an associated application (such as a script or ELF binary), you get an "open with" dialog.
"If you have Read permissions the dialog won't aperar."
Then it will be completely useless, as you are almost certain to have read permission on a file you execute. Unless you're installing from a CD, I guess.
I believe that the real problem here is that you clicked a file, and nothing happened; no error, no launch, nothing. That is bad behavior, and should be fixed, but changing permissions in the way you describe is /not/ a good thing to be doing.
Ratings & Comments
14 Comments
This is basically a good idea. And it doesn't necessarily have to be a security hazard: By default there should be just a message: This file is not executable. If you want to run it you have to change its permissions by doing bla,bla. Be aware that executing files of unknown origin can be a security hazard. There should be a somewhat "hidden" option in the control panel which enables a more complex dialog letting you directly change permissions. This should be off by default. Whoever finds this option in the Control Panel and enables this should know what he's doing.
Another approach that one could take that would be more integrated with the way that KDE handles files at the moment would be to make it part of the "open with" dialogue. If you click on an unknown octect stream or something that KDE recognises as a binary, and you own it but it doesn't have executable permissions, then clicking on it should bring up a dialogue asking you how you would like to open the file, but rather than providing the 'open with' dialogue it ought to ask you if you would like to try executing the file, with a stern security warning, and a pointer to the permissions dialogue for the future. I don't think security through obscurity (making people manually change permissions) is the best idea, since all you are doing is making life difficult for those who won't find the permissions dialogue (usually through not being motivated enough to look), and not providing any warning to those who will. Why not provide the functionality to all, and a warning to all?
Just yesterday I was trying to overwrite a file... but it just wasn't working, then I realized I didn't have "write" permissions on it. This kind of thing would be helpfull.
i have been waiting for this! lol im sure its not a virus even if it was.... we could bust his ass bad for this. This is looking great :)!
Someone sends you a unknown file with an email. You click at the icon and oops, your homedirectory is empty. Shit happens. Don't make the same mistakes a they where made on windows. If you want to execute a file, change the permissions manually. Security first.
Well that could happen I supose. But then again there could be a Warning saying that Opening unknown Fils could be dangerus. The mauel Change of rights doesent make it safer. If the User knows what he can do, he will do it. If the User doesent he might be glad to get help from the System.
Not a bad idea. One thought occurs to me: if a user is inexperienced enough not to know about the executable bit, giving them the option of adding it for "others" might be kind of risky. It's not likely, but still. If it were my utility, I would remove the "expanded" part of the dialog and have it default to doing just u+x or ug+x.
This is a bad idea. What if the file is a virus or a worm ?
Of course this feature would make it easyer or Worms. But than again Worms will find there way anyway.
Maybe they find thier way anyway but we shouldn't make it easier for them. If a user wants to execute a file he should do it manually. If his homedirector then gets deleted by a worm or a virus, maybe next time he thinks twice before he changed the permissions of a unknown file to executable and executes it.
But what when this is some kind of unrecognized file and you want to open it with f.ex. kwrite? Now you click on it and a dialog asks you with which program you want to open it. How can this work together with your suggestion? A solution _could_ be, adding another button to the "open with" dialog which is called "execute itself/directly/whatever". Or did I understand you wrong? :-)
The Open With and changing permission don't have anything to do with each other. If you have Read permissions the dialog won't aperar. If you don't have read Permissions the dialog will popup befor the "opening with" dialog will come. It is more a warning message.
"The Open With and changing permission don't have anything to do with each other." Actually, they do; when you click on a file which doesn't have an associated application (such as a script or ELF binary), you get an "open with" dialog. "If you have Read permissions the dialog won't aperar." Then it will be completely useless, as you are almost certain to have read permission on a file you execute. Unless you're installing from a CD, I guess. I believe that the real problem here is that you clicked a file, and nothing happened; no error, no launch, nothing. That is bad behavior, and should be fixed, but changing permissions in the way you describe is /not/ a good thing to be doing.
So what would you do? Having a system wich doesent respont in any way on a User action is the worst thing there is.