"Name" key value in desk. entry spec collides with file names, could misguide users?

[Mike Hearn]

On Sat, 19 Mar 2005 23:01:49 -0600, Jerry Haltom wrote:
> We have a chance to make policy pretty simple: nothing should be
> executable unless the user goes out of his way to mark it executable.
> Not a simple Yes/No prompt, but right click Properties, Permissions,
> Executable. A very specific action.

I strongly disagree. If a user decides they want to run something, adding
a few more clicks isn't going to magically make them change their mind.
It'll just piss them off and make them think Linux sucks (and they'd be
right).

This line of thinking is security-through-obnoxiousness and is just a
variant on obscurity. It's not providing a real solution, it's just making
it more awkward (not even harder, really) to do what you want to do.

The correct way to deal with the problem of users downloading and running
random stuff is to use SELinux (or something like it) to implement
quarantine zones so it doesn't matter if something foreign is run: unless
it's been placed on the system by the administrator or a package manager,
it cannot do anything harmful.

The wrong way is to decrease usability for no increase in security. The +x
bit is itself a flawed idea for the same reasons: it makes it annoying and
awkward to run things you download but does not increase security (as you
can run software without the +x bit anyway if you know how.)

By the way, rather than break threading if you want to post on a
list you aren't subscribed to you can use GMANE.

thanks -mike