As we all know, security is only partly a technical problem, the rest is usability and information about possible solutions of the increasing threat by viruses and so on.

I would like to suggest to define a way to securely start programs and open files. This would probably mean to write a new KDE application. This could then be integrated into konqueror, kmail, knode and any other software from which the user (often) opens files.

konqueror could get extra menu entries ("open" and "open securely"), kmail and knode could use this way by default.

This new application would allow the user to configure what shall be done: run as other user, run chrooted, run (SUID programs) with certain CAPABILITIES, run with untrusted access to the X server, prevent the programm from accessing the network - whatever restrictions the system allows.

As SuSE and maybe other distributors already have some tools to do that or may develop them in the future (which are neither standardized nor easy to use)