On Tue, 21 Feb 2006, bliz wrote:
Ok, sorry for making that assumption. I would like to argue that
it's better to have the browser ask you weather ou want to Save or
Open /any/ binary type isntead of automatically opening it.
Sure: it's a configuration option to have the browser prompt me
whether I want to view it in the zip viewer application, or download
it, etc.
Automatic opening can lead to security problems, on any OS.
Point taken, but if I'm only viewing the directory, then the crackers
have to find some way of compromising the zip-viewer's
directory-viewing code; or fooling the zip-viewer into telling me lies
about what it is I'm seeing, to the point that I would be tempted to
open the actual content in some unsafe way.
I wasn't for a moment suggesting that the zip viewer would go and
execute any programs it might find in the archive, without my consent.
And of course in 99% of cases I would be doing this from my
unprivileged user account, not from my wizard's account. I avoid
using the latter except when I'm actually intending to install some
program - from what seems to be a trustworthy source. Can't be 100%
sure, obviously, because even trusted sources have occasionally been
compromised. But the policy has kept me safe enough, for many years
now.
so, whenever that IE was asked to open a real XHTML
file, it would fire-up Mozilla and view it there.
It's not that hard to configure IE contrary to popular belief :-P
I worked out how to do that in Win/NT4, but there doesn't seem to be a
user interface for it in 2K or XP. Fortunately, most of my
sysadminning is on linux, and none of my general web browsing on MSIE,
so I don't much care whether Windows has a UI for it or not; but I'd
be vaguely interested, nevertheless, and it might be of interest to
other readers.
all the best