"Name" key value in desk. entry spec collides with file names, could misguide users?

Kalle Vahlman kalle.vahlman at gmail.com
Tue Mar 15 11:26:31 EET 2005


On Tue, 15 Mar 2005 00:44:55 +0100, Lars Hallberg <spam at micropp.se> wrote:
> Kalle Vahlman wrote:
> >Yeah. And that is by no means the .desktop's fault, no more than .pif's.
> >It's the stupid user that does the work. I would never open anything
> >sent from a hotmail account, but most people would. How do you
> >protect users from downloading an archive, unpacking it and *then*
> >running the malware?
> >
> The user should not run anything, but they might reasonably save it to the
> desktop or other folder for later examination. I don't know if this is
> true about .desktops ... but if it is there is a problem.
> 
> * They can set an icon
> 
> * They can name themselves nude.jpg
> 
> * They start arbitrary code when clicked.

I'm not sure, but I assume the (per-user) default mime type handlers
are not too protected so they expose the same problem.
 
> Now... That *is* bad. Simplest solution would be *not* to allow dots in
> the name!

Or at least run the same checks for the suffix and the .desktop Type field.

> Then it's up to the filebrowser's implementation making it obvious it is an
> executable for extra security.

This itself does not guarantee security. It may help it, but the user
is still responsible for not running shady executables.

> >--- begin "my nude full frontal.png"
> >#!/bin/sh
> >
> >exec malware
> >--- end
> >
> >do it already?
> >
> >
> Will not show up with a thumb of a nude girl in the filebrowser, will it?

Probably not. But I am so pessimistic about the mass of users out
there that I dare to say that for most people, it doesn't matter. They
will click it anyway.

-- 
Kalle Vahlman, zuh at iki.fi
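
The check suggested in this message, comparing the suffix of the displayed Name with the entry's Type field, could look like the sketch below. It is an added example, not code from the thread or from any desktop environment; the function names and the suffix list are assumptions, and the sample entries are constructed.

```python
import os

# Suffixes a user would read as "data file, safe to open" (assumed list).
DATA_SUFFIXES = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".txt", ".mp3", ".avi", ".doc"}

def parse_desktop_entry(text):
    """Return the key/value pairs of the [Desktop Entry] group only."""
    entry, in_group = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("["):
            in_group = (line == "[Desktop Entry]")
            continue
        if in_group and "=" in line:
            key, value = line.split("=", 1)
            entry[key.strip()] = value.strip()
    return entry

def misleading_names(text):
    """Return Name/Name[locale] values that end in a data suffix on an Application entry."""
    entry = parse_desktop_entry(text)
    if entry.get("Type") != "Application" or "Exec" not in entry:
        return []
    hits = []
    for key, value in entry.items():
        if key == "Name" or key.startswith("Name["):
            suffix = os.path.splitext(value)[1].lower()
            if suffix in DATA_SUFFIXES:
                hits.append((key, value))
    return hits

# Constructed samples: Exec points at a harmless binary.
SUSPICIOUS = """[Desktop Entry]
Type=Application
Name=nude.jpg
Name[sv]=naken.png
Icon=image-x-generic
Exec=/bin/true
"""
BENIGN = """[Desktop Entry]
Type=Application
Name=Image Viewer
Exec=/bin/true %f
"""
if __name__ == "__main__":
    for label, sample in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, misleading_names(sample))
```

A file browser or mail client could run such a check before showing the Name key in place of the real file name, and fall back to the on-disk name when it reports a hit.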


