But the application doesn't _need_ to execute the contents for bad stuff to happen viz jpg and pdf encoder exploits.
Also, how many applications actually _execute_ (bare machine, vm's don't count) content? My guess is that few if any of the applications a user opens that isn't executed by finder itself is going to execute the file's contents.
Also, how many applications actually _execute_ (bare machine, vm's don't count) content? My guess is that few if any of the applications a user opens that isn't executed by finder itself is going to execute the file's contents.