BitTorrent (Mac OS X) client does not Quarantine downloaded files

[bthomas]

BitTorrent, as a download client, should quarantine downloaded files. From Launch Services release notes for 10.5 (http://developer.apple.com/releasenotes/Carbon/RN-LaunchServices/index.html):

File Quarantine is a new feature in Leopard designed to protect users from trojan horse attacks. It allows applications which download file content from the Internet to place files in "quarantine" to indicate that the file could be from an untrustworthy source. An application quarantines a file simply by assigning values to one or more quarantine properties which preserve information about when and where the file come from.

Quarantining files comes from either

1) Specifically using the LSSetItemAttribute API to set quarantine attributes. This allows BitTorrent to set additional information that will be displayed to the user, e.g. the source URL (such as shown when downloading from Safari).

2) Simply adding "LSFileQuarantineEnabled" = true to Info.plist. This will opt BitTorrent in to Quarantine, and all files saved by BitTorrent will be automatically quaranted. This is not an appropriate option if BitTorrent needs to save out other files, that are not downloaded from the internet, but the user is supposed to double-click on (i.e., temporary files are OK, because Quarantine is only respected by LaunchServices, file double-clicked).

[NoOneButMe]

Quoting carbon docs doesn't really help to make your point; Carbon is slowly being deprecated by Apple. But Quarantine is new in Leopard, so you do have somewhat of a point.

Though, what do you want it to pop up and show? "This file was downloaded by uTorrent on $date"? That's largely pointless, given you have to specifically open torrent files before uTorrent can download them. A better option here if you want things to be quarantined would be to have OS X somehow quarantine .torrent files and ask *before* you start downloading them. Not the files afterwards.

[Zandros]

I apologise for the late reply and if this is already solved, but IIRC the application quarantine is there for both warning the user that the app is from the Internet, and for warning the user that this file is an application (for example, something malicious disguised as an image).

[NoOneButMe]

I reiterate my point from 6 (?!) months ago:

..largely pointless, given you have to specifically open torrent files before uTorrent can download them.

And what Apple has in 10.6 will already warn the user on opening malicious files, regardless of the LSFileQuarentineEnabled setting. Its up to Apple to backport that, not Bittorrent.

[bthomas]

NoOneButMe: incorrect, malware (and disguised app) warnings are only for quarantined files.

[NoOneButMe]

Looks like i stand corrected on the point of LSFileQuarantineEnabled. However, I still think my first point, on having to manually download the file, then open it to download the files to your computer stands. It (to me, and note: i'm not a dev) doesn't really have much of a security benefit and adds an extra step that only gets between the user and their files.