Trusted vs Unstrusted MIME types
Rodney Dawes
dobey.pwns at gmail.com
Sat Jul 7 08:03:59 PDT 2007
On Sat, 2007-07-07 at 09:53 +0000, Thomas Leonard wrote:
> How can a type be "safe" or "unsafe"? Safeness depends on the application.
> E.g. a python script is safe if you open it with a text editor, but not if
> you use a python interpreter.
>
> Perhaps applications that are designed to handle untrusted data safely
> could be flagged as such in their .desktop files?
What about trusted applications with security flaws, that handle
"trusted" types? A tar.gz might be considered "safe", but could expose a
security flaw in gzip.
-- dobey
More information about the xdg
mailing list