[Portland] Re: xdg-email & xdg-open
Kevin Krammer
kevin.krammer at gmx.at
Thu Nov 16 04:30:36 PST 2006
On Thursday 16 November 2006 09:09, Bradley T Hughes wrote:
> On Thursday 16 November 2006 07:24, Bastian, Waldo wrote:
> > > However, since this seems to be so important to them, it is something
> > > between them and their users. Thunderbird user will not expect
> > > automatically supplied attachments to work and user of other mail
> > > clients are not affected.
> >
> > Well, Thunderbird is rapidly becoming the most popular Linux mail client
> > (see e.g. http://ubuntuforums.org/showthread.php?t=7023 and
> > http://www.linuxjournal.com/article/8520 ) so a solution that doesn't
> > take Thunderbird into account isn't much of a solution I'm afraid.
>
> True, but is working around a concious security measure in Thunderbird the
> right solution as well? I'm thinking not...
I wouldn't call it a security measure.
For example HTML fragment like
<a href="mailto:foo at bar,attachment=/etc/password">free pr0n</a>
If this is shown in Firefox and thunderbird is the mailto handler, a click on
the link will open the Thunderbird composer with the file attached.
This is either a prime example why security by obscurity does not work,
something "inherited" from being mainly a Windows applications, or an attempt
to establish an own "standard" by not supporting common practice.
Cheers,
Kevin
--
Kevin Krammer, KDE developer, xdg-utils developer
KDE user support, developer mentoring
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/portland/attachments/20061116/a0a43a95/attachment.pgp
More information about the Portland
mailing list