GNOME Bugzilla – Bug 794681
Remove auto-open downloads feature
Last modified: 2019-11-21 21:36:28 UTC
This is inherently unsafe because a webpage can download a malicious file without user interaction, and trust it will open automatically in a vulnerable application. Posting this for feedback. I know Michael is using this feature, for instance. Would you miss it?
CCing people for opinions
Created attachment 370128
Remove auto-open downloads feature
This is inherently unsafe because a webpage can download a malicious file without user interaction, and trust it will open automatically in a vulnerable application.
We will continue to download files automatically, despite the various Chrome hacks from last year proving that this can be abused via tracker and GNOME desktop thumbnailers. Tracker now mitigates this risk using libseccomp, and GNOME desktop thumbnailers are now run under bubblewrap.
This would indeed make me a bit sad - it's pretty handy. Is it possible to auto-open only in response to an explicit user action?
(In reply to Michael Catanzaro from comment #0)
...
> Posting this for feedback. I know Michael is using this feature, for
> instance. Would you miss it?
I've never had this option activated in any of my browsers ever. I won't miss it and the reasons why I don't have it activated are the same ones why it shouldn't even be available. Thanks for bringing up this bug, Michael.
I never had this enabled either.
(In reply to Michael Gratton from comment #3)
> This would indeed make me a bit sad - it's pretty handy. Is it possible to
> auto-open only in response to an explicit user action?
I don't think it is possible.
IMHO remove this feature, I have never enabled it.
Going to go ahead with this.
Attachment 370128 pushed as a41416c - Remove auto-open downloads feature
Removing features is almost always a bad idea. A warning displayed when a user enables the function would do.