Re: merge sensible-browser in xdg-open AKA how to select the "best" browser
* Sandro Tosi <firstname.lastname@example.org> [090801 17:55]:
> [ making sensible-browser a symlink to xdg-open]
> Honestly, I don't that problem (but it won't surprise anyone if I'm
> wrong) because it's something similar to double-click on a
> malicious/dangerous executable in a file manager, hence why I wanted
> to bring this to a wide audience.
Please consider the following cases, which are usually considered
- some commercial mail program (you may guess one time which company
wrote it), automatically played audio files attached to an email
when opeing it. To determine it is an audio file it looked at the
mime type, to play it the usual generic file opening code is used.
You may guess one time what happens if such a file is called
- The browser links (or one of its many derivatives) has a list of
external programs for the different file types. When it is about to
start and external program it shows what file and which content type
(and I think which program) it is about to start. Sadly that default
was for images not 'see image/png:%' and so on, but only 'see %'.
As wine was registering itself as program to open windows executables
with, people suddenly got wine starting up, when they thought they
had only authorized starting an image.
Even in the case of the file manager quoted above, I consider any
program just calling xdg-open with it as very likely a security problem.
While users should not click on arbitrary stuff, they are usually shown
a file-type of what they click on: some text in mail program's
attachment list, an icon in a file manager and so on. Thus causing it
to start something else is not the fault of the user, but that of the
The possible problem with changing sensible-browser I see:
Currently sensible-browser is opening a browser. All browsers I have yet
but only what you also expose when surfing the net) or ask before
starting an other program (or were told to never ask again).
Thus it is quite thinkable that some program has some file downloaded
it things is html and gives this file to s-b, which would not a problem
now, but with xdg-open it likely could be.
Bernhard R. Link
 one could argue no such list should contain possible harmful things,
but especially with interpreters it is hard to be sure there is none
 without giving the mime-type as some option I do not know xdg-open
has got yet...