Ubuntu
mime-support package

cautious-launcher needs option to allow file execution

Bug #688736 reported by Doug McMahon
266
This bug affects 3 people
Affects Status Importance Assigned to Milestone
mime-support (Ubuntu)
Opinion
Undecided
Unassigned

Bug Description

Binary package hint: mime-support

As it is currently implemented the cautious-launcher (security bit policy), has virtually no real world value.
Taking a .exe as example. In 99.9999% of instances this is a user initiated action, ie. they intend to run the file. Your policy/launcher offers no means to check the .exe, nor any way or info as to how to execute it.

The end result is either a frustrated user or a user looking for the solution. Depending on the location of the .exe that would range from simple to a bit more involved, in either case the possibility of taking bad advice, ect. exists.
In all cases, unless the user gives up, they will execute the file one way or another, rendering your policy inane and nothing more than an initial annoyance,
(some 'solutions' will permanently bypass the cautious-launcher altogether, making it just a file doing nothing.

While the cautious-launcher and the policy it is enforcing may have had some merit as an idea, as currently implemented it is nonsense and should be adjusted.

ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: mime-support 3.51-1ubuntu1
ProcVersionSignature: Ubuntu 2.6.37-8.21-generic 2.6.37-rc4
Uname: Linux 2.6.37-8-generic i686
NonfreeKernelModules: nvidia
Architecture: i386
Date: Fri Dec 10 15:30:34 2010
Dependencies:

InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Alpha i386 (20101128)
PackageArchitecture: all
ProcEnviron:
 PATH=(custom, user)
 LANG=en_US.utf8
 SHELL=/bin/bash
SourcePackage: mime-support

Doug McMahon (mc3man)
visibility: private → public
Marc Deslauriers (mdeslaur)
Changed in mime-support (Ubuntu):
status: New → Opinion
Revision history for this message
Doug McMahon (mc3man) wrote :

While clearly an opinion (mine and many others), it would be at the very least enlightening to hear, at some point, the only opinion that matters - from someone involved with the implementation of this policy, as to why they think it 'works'.

From my viewpoint it not working at all, at least in any positive sense.

Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

We are trying to protect the Ubuntu desktop from malware. One of the popular malware attack vectors is a "Drive by download": to have a user unknowingly download an executable file and hope they double click on it later at which point the malware is executed.

Since Ubuntu software is normally installed through signed repositories using the Ubuntu Software Centre, there is no reason to encourage the Windows-type behaviour of downloading a random piece of unsigned software from the Internet and executing it. Thus, random downloaded files are not executable by default, and executing them should be reserved for advanced users who know the implications of doing so.

Revision history for this message
Robbert Korving (robkorv) wrote :

It's really great that security get a high priority but this simple solution would greatly approve usability while still acting on the "Drive by download" use case.

I really get frustrated that there is not an option to just run it anyway. It's is really time consuming to change every jar or exe file that I just downloaded from a source I trust.

Revision history for this message
Doug McMahon (mc3man) wrote :

KweeK - I don't see this being changed which is to bad
The idea is of the policy is good, but as implemented, many, if not most users will just disable or permanently bypass the cautious-launcher altogether by using wine instead of Wine Windows Program Loader as the default for .exe's

When adding in the issue with .exe's on optical media with current the absence of an fstab entry for cd/dvd drives the policy is even more likely to be circumvented.
Considering a proceed option was added to the lintian check on .deb's installed w/ aptdaemon, - to not do the same here seems silly

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.