https://bugs.kde.org/show_bug.cgi?id=374572
--- Comment #6 from Fabian Vogt <fab...@ritter-vogt.de> --- (In reply to Elvis Angelaccio from comment #5) > (In reply to Fabian Vogt from comment #4) > > Thanks for fixing! > > > > However, I'm not sure whether this is the right approach. > > What about a dialog that tells the user that it is an executable file and it > > should only be run if it's trusted and also that it may need the archive to > > be extraced somewhere? It's the approach that's used on Windows as well. > > Well we could do that, but only on master. Stable branches can do with my > fix above. I haven't tested the fix yet, what happens now if the user clicks on the file, is it opened in a text editor, so as-if the file weren't executable? If nothing happens at all, I'd consider it as a regression, even. > Anyway, I'm not sure if we can check the executable bit before extraction. > What Ark currently does is extracting the selected entry to a temporary > folder, then KRun is called over that url. So the dialog would only ask "you > are about to run this file, do you trust it?" Couldn't you test the executable flag between extraction and execution? -- You are receiving this mail because: You are watching all bug changes.
