.desktop file security
Alexander Larsson
alexl at redhat.com
Tue Feb 24 07:08:58 PST 2009
On Tue, 2009-02-24 at 15:35 +0100, Vincent Untz wrote:
> Le mardi 24 février 2009, à 13:49 +0100, Alexander Larsson a écrit :
> > On Tue, 2009-02-24 at 13:27 +0100, Alexander Larsson wrote:
> > > 6. Make sure that launchers added to the Desktop and whatnot are marked
> > > as executable.
> >
> > This is actually kinda tricky. DnDing a launcher from the start menu or
> > the panel in Gnome is just a regular copy operation of the source
> > desktop file. We don't want the normal copy operation to rewrite and
> > chmod a+x all desktop files in general, since people expect a standard
> > copy of a filesystem tree to not modify any of the files.
> >
> > I guess we can special case the case of a single .desktop file being
> > copied to the desktop. Are there other similar cases that seem likely to
> > happen in practice?
>
> gnome-panel has some code to add a desktop file to the desktop from the
> applications menu (without drag and drop). I guess some other apps might
> have this too.
>
> Setting the +x bit isn't hard, but adding some #! header is, hrm, not
> fun... Oh well.
I commited some nautilus code you can use.
See nautilus_file_mark_desktop_file_trusted().
More information about the xdg
mailing list