+x bit (Was: RFC: Autostart spec, first draft)

Waldo Bastian bastian at kde.org
Thu Jul 7 15:15:48 EEST 2005


On Thursday 07 July 2005 13:33, Mike Hearn wrote:
> Waldo Bastian wrote:
> > First draft, your feedback is highly appreciated.
> >
> > A desktop environment MUST NOT automatically start an application if
> > the corresponding .desktop file has NOT been marked as executable.
>
> There should be some rationale for this in the spec.  Marking .desktop
> files +x isn't especially difficult for installers, but:
>
> 1) Why is it necessary?

In previous discussion surrounding .desktop files it was considered a useful 
step to increase security (slightly). So I wanted to add it here right from 
the start.

> 2) What about noexec mounted home dirs?

That's a good point. Should a user be able to execute shell code located on 
such a home dir? Is ~/.profile parsed in such a setup?

> 3) For the case of auto-starting on external media eg CD-ROMs and USB
>     Keys, they may be formatted with a filing system that does not
>     understand the concept of the UNIX +x bit. What do people who want
>     auto-start files in this situation do?

They will need to understand the notion of "executable", no? How else would a 
user be able to start an application from the media without auto-start?

> I flicked through the original thread but didn't find any discussion of
> this requirement. As discussed previously on xdg-list, +x
> bits/noexec-mounts do not add any real security as they are easily
> circumvented by anybody who knows what they're doing, and for naive
> users they just add "security through obscurity" which doesn't help much
> either.

Cheers,
Waldo
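
One way a desktop environment could apply the draft's +x rule, as an added example (not code from this thread or from any desktop environment). The function names, the sample files and the reading of "marked as executable" as "any execute bit is set" are assumptions.

```python
import os
import stat
import tempfile

X_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH

def check_entry(path):
    """Return (has_x_bit, kernel_would_exec) for one .desktop file."""
    st = os.stat(path)
    has_x_bit = stat.S_ISREG(st.st_mode) and bool(st.st_mode & X_BITS)
    # access(X_OK) asks the kernel instead of reading the mode bits. On Linux
    # it is refused for regular files on a noexec mount, so the two values can
    # differ there (question 2 in the thread).
    return has_x_bit, os.access(path, os.X_OK)

def scan_autostart(directory):
    """Map each *.desktop file name to 'start' or 'skip' under the draft rule.

    Assumption: "marked as executable" is read as "any execute bit is set".
    """
    decisions = {}
    for name in sorted(os.listdir(directory)):
        if not name.endswith(".desktop"):
            continue
        has_x_bit, _ = check_entry(os.path.join(directory, name))
        decisions[name] = "start" if has_x_bit else "skip"
    return decisions

def demo():
    """Build a constructed autostart directory and scan it."""
    with tempfile.TemporaryDirectory() as d:
        for name, mode in (("trusted.desktop", 0o755),
                           ("dropped.desktop", 0o644),
                           ("notes.txt", 0o755)):
            path = os.path.join(d, name)
            with open(path, "w") as f:
                f.write("[Desktop Entry]\nType=Application\nExec=true\n")
            os.chmod(path, mode)
        return scan_autostart(d)

if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name}: {decision}")
```

On vfat the mode bits are derived from mount options rather than stored per file, so there the check reflects how the medium was mounted (question 3 in the thread).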