Trusted vs Unstrusted MIME types

Michael Richardson mcr at
Sun Jul 8 19:43:33 PDT 2007

Hash: SHA1

>>>>> "Thomas" == Thomas Leonard <talex5 at> writes:
    Thomas> However, putting it in the MIME database is quite risky. For
    Thomas> example, say I'm writing a python code visualiser. I want to
    Thomas> be able to click on a python file in my browser to view its
    Thomas> structure, so I supply my program with an MIME XML file
    Thomas> saying "Python files are safe".

  It must say:
     "python files are safe for viewing"
     "python files are safe for editing"

  You have to have the verb there.

  Fundamentally, it would be good to identify things as being passive
("data") or active ("programs").  There are many formats which pretend
to be data, but are in fact programs.  This include MS-Word files (in
all modes), but also latex files when "formatted", but not when "edited"

  It would also be useful if all applications could be told in a desktop
standard way, that some piece of data is untrustworthy, as even things
like emacs have things like "Local variables" which can be used to
exploit things.

    Thomas> What would the warning say?

    Thomas>   "Opening files of this type might or might not be
    Thomas> dangerous. It depends on which application you open them
    Thomas> with, but I don't have enough information to tell you
    Thomas> whether yours is OK. Do you want to continue?"

  Alas, I don't know that this is meaningful to naive users.

- -- 
]            Bear: "Me, I'm just the shape of a bear."          |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Finger me for keys


More information about the xdg mailing list