+x bit (Was: RFC: Autostart spec, first draft)
m.hearn at signal.QinetiQ.com
Thu Jul 7 15:48:23 EEST 2005

> In previous discussion surrounding .desktop files it was considered a useful
> step to increase security (slightly). So I wanted to add it here right from
> the start.

Well, a few people did, but I never saw any rationale for that beyond
"it might stop people clicking on things they downloaded until they take
an extra step".

But this situation is different: users won't be downloading auto start
files. They'll be installed by some other program, or be on mountable
media. Requiring the +x bit here is inconsistent with the current
.desktop entry spec, and doesn't add any security as the user isn't

> That's a good point. Should a user be able to execute shell code located on
> such a home dir? Is ~/.profile parsed in such a setup?

You can always execute code of whatever form if it's in your home dir,
for instance by piping the contents of a script to the interpreter or by
using the ld.so trick.

> They will need to understand the notion of "executable", no? How else would a
> user be able to start an application from the media without auto-start?

Some filing systems make everything executable, and others make nothing
executable (eg, CD-ROMs exported over a network). In other cases CDs
that are copied on Windows machines may lose extra metadata etc. I don't
think we can assume that even if it starts +x it'll remain that way.
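
The filesystem point in the last reply, as an added example that is not part of the original post: a sketch that reads a mount table in /proc/mounts format and reports, for a given path, whether a file's +x bit says anything about that file. The sample mount table, the category names and the function names are constructed for illustration, and the list of filesystem types is not exhaustive.

```python
# Added example, not from the original post.
# Filesystems with no on-disk Unix mode bits: the driver synthesizes one
# permission set from mount options (umask/fmask), so +x is the same for
# every file. Non-exhaustive list.
NO_UNIX_MODES = {"vfat", "msdos", "exfat"}

# Constructed sample in /proc/mounts format (device, mountpoint, type, options).
SAMPLE_MOUNTS = """\
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sdb1 /media/usb vfat rw,nosuid,nodev,fmask=0022,dmask=0022 0 0
server:/export/cdrom /mnt/cd nfs ro,noexec,nosuid 0 0
tmpfs /home/kiosk tmpfs rw,noexec,nosuid,nodev 0 0
"""

def classify(fstype, options):
    """Say what the +x bit can tell you on a mount of this type and options."""
    if "noexec" in options.split(","):
        return "never-exec"    # direct execution refused whatever the mode bits say
    if fstype in NO_UNIX_MODES:
        return "synthesized"   # every file gets the same bits from mount options
    return "per-file"          # the bit is stored per file and can differ

def parse_mounts(text):
    """Map each mountpoint to its classification."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        mountpoint = fields[1].replace("\\040", " ")  # /proc/mounts escapes spaces
        table[mountpoint] = classify(fields[2], fields[3])
    return table

def xbit_policy(path, table):
    """Classify a path by its longest matching mountpoint, or None if no match."""
    matches = [m for m in table
               if path == m or path.startswith(m.rstrip("/") + "/")]
    best = max(matches, key=len, default=None)
    return table[best] if best is not None else None

if __name__ == "__main__":
    mounts = parse_mounts(SAMPLE_MOUNTS)
    for p in ("/media/usb/autostart/app.desktop", "/mnt/cd/setup.desktop",
              "/home/kiosk/.config/autostart/x.desktop", "/usr/bin/ls"):
        print(f"{p}: {xbit_policy(p, mounts)}")
```

On a Linux system the same functions can be fed the contents of /proc/mounts instead of the constructed sample.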