Bug 497734

Summary: Add a warning pop up if a opened file's name ends in multiple extensions in order to expose suspicious files
Product: [Frameworks and Libraries] frameworks-kio Reporter: Fernando M. Muniz <fernandommuniz>
Component: generalAssignee: KIO Bugs <kio-bugs-null>
Status: RESOLVED WORKSFORME    
Severity: wishlist CC: kde, kdelibs-bugs-null, nate
Priority: NOR    
Version First Reported In: 6.9.0   
Target Milestone: ---   
Platform: Arch Linux   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Fernando M. Muniz 2024-12-21 01:06:44 UTC 
I'm requesting that if files end in "Sponsorship.pdf.run", ".pdf.scr" or ".txt.exe" would make a window appear, warning the user that the file seems to be masquerading as another file type.

Even though Linux distros in general are mostly unaffected by phishing emails, the user could just think that Plasma is wrongly trying to open the pdf as ".exe", then the user would transfer the file to a Windows computer, infecting it.

Perhaps this should happen for any file with multiple extensions, but maybe they aren't all inherently suspicious.
Comment 1 Nate Graham 2025-01-03 20:13:44 UTC 
This *can* be a source of suspicion, but it isn't necessarily problematic. For example in the FOSS world, it's very common for archive files to have the .tar.gz extension, which definitely shouldn't trip this.

What matters here is really whether an *executable* file is masquerading as a normal file. And we already have a popup for such files when you try to open them.