.desktop files, serious security hole, virus-friendliness

Loïc Minier lool+freedesktop at via.ecp.fr
Thu Jan 25 03:24:07 PST 2007


On Thu, Jan 25, 2007, Stanislav Brabec wrote:
> But because the pattern "*.jpg " has no MIME association, shared-mime-info
> offers no warning that a file which conforms to the defined magic but does not
> have a name of the form "*.desktop" is suspicious.
> 
> The glob pattern and magic in shared-mime-info mean: recognize the MIME type if
> the file has the suffix OR the file conforms to the magic. In this case, we need AND (or
> remove the magic altogether).

 Yes, I agree with the analysis.  FYI, I was pointed at how the Xfce
 file manager works around this:

/* check if the file tries to look like a regular document (i.e.
 * a display name of 'file.png'), maybe a virus or other malware.
 */
fake_mime_info = thunar_vfs_mime_database_get_info_for_name (_thunar_vfs_mime_database, str);
if (fake_mime_info != _thunar_vfs_mime_application_octet_stream && fake_mime_info != info->mime_info)
  {
    /* release the previous mime info */
    thunar_vfs_mime_info_unref (info->mime_info);

    /* set the MIME type of the file to 'x-thunar/suspected-malware' to indicate that
     * it's not safe to trust the file content and execute it or otherwise operate on it.
     */
    info->mime_info = thunar_vfs_mime_database_get_info (_thunar_vfs_mime_database, "x-thunar/suspected-malware");

    /* reset the executable flag */
    info->flags &= ~THUNAR_VFS_FILE_FLAGS_EXECUTABLE;

    /* reset the custom icon */
    g_free (info->custom_icon);
    info->custom_icon = NULL;

    /* reset the name str, so we display the real file name */
    name = NULL;
  }


 So, I suppose the same could be done for gnome-vfs/nautilus but I am
 not sure where the relevant code is.

-- 
Loïc Minier <lool at dooz.org>
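The Thunar check quoted above, together with the suffix-AND-magic rule from the quoted analysis, as an added worked example in Python (not code from the thread, from Thunar or from gnome-vfs); the function names, the use of Python's mimetypes module in place of the shared-mime-info glob database, and the sample launchers are assumptions:

```python
import mimetypes
from dataclasses import dataclass

DESKTOP_MIME = "application/x-desktop"
SUSPECT_MIME = "x-thunar/suspected-malware"  # the label Thunar assigns
DESKTOP_MAGIC = ("[Desktop Entry]", "[KDE Desktop Entry]")

def sniff_mime(real_name: str, contents: str) -> str:
    """Treat a file as a launcher only if suffix AND magic agree (the AND
    semantics argued for in the thread); otherwise trust the name glob."""
    has_suffix = real_name.lower().endswith(".desktop")
    has_magic = contents.lstrip().startswith(DESKTOP_MAGIC)
    if has_suffix and has_magic:
        return DESKTOP_MIME
    guessed, _ = mimetypes.guess_type(real_name)
    return guessed or "application/octet-stream"

def desktop_name(contents: str) -> str:
    """Return the Name= value from the [Desktop Entry] group, or "" if absent."""
    group = None
    for line in contents.splitlines():
        line = line.strip()
        if line.startswith("["):
            group = line
        elif group == "[Desktop Entry]" and line.startswith("Name="):
            return line[len("Name="):]
    return ""

@dataclass
class FileInfo:
    mime: str
    shown_name: str   # what the file manager would display
    executable: bool  # whether the file may be launched

def classify(real_name: str, contents: str, executable: bool = True) -> FileInfo:
    """Thunar-style check: a launcher whose display name globs to some other
    MIME type is downgraded to 'suspected malware' and shown by its real name."""
    mime = sniff_mime(real_name, contents)
    shown = real_name
    if mime == DESKTOP_MIME:
        display = desktop_name(contents)
        if display:
            fake_mime, _ = mimetypes.guess_type(display)  # None ~ octet-stream
            if fake_mime is not None and fake_mime != mime:
                return FileInfo(SUSPECT_MIME, real_name, False)
            shown = display
    return FileInfo(mime, shown, executable)

# Constructed samples (not from the thread): a benign launcher and one whose Name= pretends to be a photo.
BENIGN = "[Desktop Entry]\nType=Application\nName=Text Editor\nExec=gedit\n"
LURE = "[Desktop Entry]\nType=Application\nName=holiday.jpg\nExec=true\n"
```

With the AND rule, a file named holiday.jpg that carries .desktop magic is simply an image, so it never reaches the display-name check; only a real .desktop whose Name= looks like another document type gets downgraded.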


