> People keep making the assertion that top-level domains that > have the same strings as popular file extensions will be a > 'security disaster', but I've yet to see an explanation of > the potential exploits. I could maybe see a problem with > ".LOCAL" due to mdns or llmnr or ".1" due to the risk of > someone registering "127.0.0.1", but I've yet to see any > significant risk increase if (say) the .EXE TLD were created. > Can someone explain (this is a serious question)?
Many years ago there was a wonderful web browser named Lynx. It could do all kinds of nifty things and you could build an entire information systems interface with it, including things like a menu that allowed you to select an executable program that would be run on the same remote system that was running Lynx. People who lived through this era have a vague memory that executables and URLs are in sort of the same namespace. Of course that's not true because executable files are referred to as lynxexec:script.pl instead of http://script.pl > > Seeing as a certain popular operating system confounds local file > > access via Explorer with internet access... > > I gather you're implying MS Windows does this? Not mine. --Michael Dillon
