• computergeek125@lemmy.worldEnglish
    0·
    9 months ago

    As an IT Engineer this concept frankly terrified me and feels like your opening yourself up to a potential zero click attack - such as https://threatpost.com/apple-mail-zero-click-security-vulnerability/165238/

    So my initial answer is an emphatic “please do not the ZIP”. It could be as mundane as a ZIP bomb, or it could explain a vulnerability in the operating system or automatic extraction program. Having a human required to open the ZIP prior to its expansion reduces its attack surface area somewhat (but not eliminates it) because it allows the human to go “huh this ZIP looks funny” if something is off, rather than just dispatching an automated task.

    With that out of the way - what’s your use case with this? There has to be a specific reason your interested in saving a few clips here on one highly specific archive format, but not others like the tar unix archive, 7z, or RAR.

    • maness300@lemmy.worldOP
      0·
      9 months ago

      I didn’t read your response beyond the first sentence.

      If Apple can do this, why can’t we?

      • computergeek125@lemmy.worldEnglish
        0·
        9 months ago

        I do not have an answer for that. But if you only plan to read one part of my answer I would suggest reading the last sentence of my response instead of the first. Can’t help you if you don’t tell me what’s wrong.

  • Moonrise2473@feddit.it
    0·
    9 months ago

    I think it needs to be done by the operating system, extensions nowadays don’t have the permissions to do that.

    When I was using MacOS it automatically extract zipped files and I hated it so much, you accidentally click on a link, it automatically saves in download and automatically unzip it, leading to too much trash in downloads…