[9front] mimetype: add entry for .patch extension

[9front] mimetype: add entry for .patch extension

[Michael Forney]

This way, upas/vf won't flag .patch files as suspicious by default.

diff 55083200f5d1392076feb1bd51625d02d46a9698 9ff94047ba6fbb83806c7c3a86be6f2f897ef7b5
--- a/sys/lib/mimetype	Sun Feb  7 15:01:36 2021
+++ b/sys/lib/mimetype	Sun Feb  7 15:07:37 2021
@@ -91,6 +91,7 @@
 .p		text		plain			-	y # Pascal program
 .p7m		application	x-pkcs7-mime		-	y # SMIME
 .p7s		application	x-pkcs7-signature	-	y # SMIME
+.patch		text		plain		-		y
 .pbm		image		x-portable-bitmap	-	y
 .pdf		application	pdf		-		y # Adobe Portable Document Format
 .pif		application	octet-stream	-		r # DOS executable

Re: [9front] mimetype: add entry for .patch extension

[ori]

Quoth Michael Forney <mforney@mforney.org>:
> This way, upas/vf won't flag .patch files as suspicious by default.
> 
> diff 55083200f5d1392076feb1bd51625d02d46a9698 9ff94047ba6fbb83806c7c3a86be6f2f897ef7b5
> --- a/sys/lib/mimetype	Sun Feb  7 15:01:36 2021
> +++ b/sys/lib/mimetype	Sun Feb  7 15:07:37 2021
> @@ -91,6 +91,7 @@
>  .p		text		plain			-	y # Pascal program
>  .p7m		application	x-pkcs7-mime		-	y # SMIME
>  .p7s		application	x-pkcs7-signature	-	y # SMIME
> +.patch		text		plain		-		y
>  .pbm		image		x-portable-bitmap	-	y
>  .pdf		application	pdf		-		y # Adobe Portable Document Format
>  .pif		application	octet-stream	-		r # DOS executable
> 

Seems good, but for most purposes, it also seems
reasonable to just 'rm /mail/lib/validateattachment';
I don't think it really does anything useful for mail
on plan 9.

Re: [9front] mimetype: add entry for .patch extension

[Lyndon Nerenberg (VE7TFX/VE6BBM)]

ori@eigenstate.org writes:

> Seems good, but for most purposes, it also seems
> reasonable to just 'rm /mail/lib/validateattachment';
> I don't think it really does anything useful for mail
> on plan 9.

+1.  Cheking against file extensions tells you nothing.  It has
always puzzled me why software that cares about this doesn't look
at the actual content ala 'file -m'.

Re: [9front] mimetype: add entry for .patch extension

[sirjofri]

09.02.2021 06:08:56 ori@eigenstate.org:
> Quoth Michael Forney <mforney@mforney.org>:
>> This way, upas/vf won't flag .patch files as suspicious by default.
>>
>> diff [...]
>
> Seems good, but for most purposes, it also seems
> reasonable to just 'rm /mail/lib/validateattachment';
> I don't think it really does anything useful for mail
> on plan 9.

If you don't think about mail, but http servers: at least rc-httpd uses 
it to construct content-type headers. It extends this list (which btw 
doesn't include css and js). I'm not sure about ip/httpd or tcp80.

I have some extensions for rc-httpd I did for gridchat-web, that included 
basic range handling as well as POST. I wanted to prepare a patch. It's 
on https://github.com/sirjofri/gridchat-web, if someone else wants to do 
it (it's very easy, but contains one auxiliary native program for range 
handling. I can try some chain using cat file | {read -c $start 
>/dev/null; read -c $end} instead and see if it's faster than dd. Sorry 
for offtopic).

sirjofri

Re: [9front] mimetype: add entry for .patch extension

[hiro]

i still want a virus encoded either into a filename or into some magic
bytes that file will stumble over hahaha :D

lyndon's point stands, also for webservers.

it's silly that webservers are expected to run filename heuristics
just so that it can lie to the browser about what filetype it might
be.

it breaks too often in practice, i don't like it.

and the browser never does what i want, i can't force it to just
DISPLAY the image even though the webserver claims it can only be
downloaded to disk.

maybe all this together is even more messy than that little itch with
mail content types that makes people feel so much more safe
doubleclicking on every attachment they get.

On 2/10/21, sirjofri <sirjofri+ml-9front@sirjofri.de> wrote:
>
> 09.02.2021 06:08:56 ori@eigenstate.org:
>> Quoth Michael Forney <mforney@mforney.org>:
>>> This way, upas/vf won't flag .patch files as suspicious by default.
>>>
>>> diff [...]
>>
>> Seems good, but for most purposes, it also seems
>> reasonable to just 'rm /mail/lib/validateattachment';
>> I don't think it really does anything useful for mail
>> on plan 9.
>
> If you don't think about mail, but http servers: at least rc-httpd uses
> it to construct content-type headers. It extends this list (which btw
> doesn't include css and js). I'm not sure about ip/httpd or tcp80.
>
> I have some extensions for rc-httpd I did for gridchat-web, that included
> basic range handling as well as POST. I wanted to prepare a patch. It's
> on https://github.com/sirjofri/gridchat-web, if someone else wants to do
> it (it's very easy, but contains one auxiliary native program for range
> handling. I can try some chain using cat file | {read -c $start
>>/dev/null; read -c $end} instead and see if it's faster than dd. Sorry
> for offtopic).
>
> sirjofri
>

Re: [9front] mimetype: add entry for .patch extension

[Michael Forney]

On 2021-02-08, ori@eigenstate.org <ori@eigenstate.org> wrote:
> Seems good, but for most purposes, it also seems
> reasonable to just 'rm /mail/lib/validateattachment';
> I don't think it really does anything useful for mail
> on plan 9.

I don't think this alone is sufficient, if validateattachment is
missing it will cause upas/vf to flag *all* attachments with an
unknown extension as suspicious.

Removing upas/vf from the pipeline in /mail/lib/qmail does have the
desired effect, though.