Posted by Ed Seedhouse on 12/09/06 21:00

On Sat, 09 Dec 2006 15:01:03 -0500, Ed Mullen <ed@edmullen.net> wrote:

>Ed Seedhouse wrote:

>>>secuity risk.
>>> IE does this. It is not off the market..
>>
>> I don't believe it does.

>
>It can run an executable from both a local and remote Web page. You
>should get a prompt to choose saving the file or running it. If you
>choose run, it will. Try it:

That's not the same thing at all. That's using the mime type of a
downloaded file to request the o/s to load the file into it's default
program for that mime type.

But it's not going to let you run any program not associated with files
that have a mime-type, such as, say "format.com". While this may itself
be dubious, the user at least has an option not to have a program that
will run those files or to delete that program from the list of programs
that are associated with certain file types. And normally the browser
will also ask him if he wants to run or download the file.

The OP wanted to run any executable file directly and with no
intermediary control method right from the web browser with a link. That
would allow any web page, anywhere, to delete all the files from your
computer hard drive and no browser that I am aware of will do that,
thank goodness! Even Microsoft isn't that stupid.

[Back to original message]