Security issue with .desktop files revisited
Waldo Bastian
bastian at kde.org
Sat Apr 8 08:43:03 EEST 2006
On Tuesday 28 March 2006 11:27, Francois Gouget wrote:
> Mike Hearn wrote:
> [...]
>
> > To reiterate, the security problem here is that something which is a
> > program can make itself look like a document by using a .desktop file.
>
> Right, that was the initial problem. But your proposals to use the +x
> permission bit to fix it creates a lot more security issues that they
> fix. Claiming they are unrelated is ridiculous.
>
> > The fact that +x bits have some other meaning for shell scripts and
> >
> > ELF files isn't related .....
>
> The meaning of the +x bit is defined by the exec() Unix system call. It
> does not matter to that system call whether the file is a shell script,
> an ELF binary or a desktop file. You can say what you want, it *is*
> related.
>
> When considering security issues you must always consider the whole
> system, not just the one small aspect you are interested in. Failure to
> do so results in opening more security holes than you plug.
I think it's a sane idea to require +x on .desktop files in order for a file
browser or "Desktop" to execute the .desktop file. It shouldn't be too much
of a problem to add a #!/usr/bin/xdg-open line to the format either, although
it my take a while before applications actually start to add that.
Cheers,
Waldo
--
Linux Client Architect - Channel Platform Solutions Group - Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/xdg/attachments/20060407/f2218875/attachment.pgp
More information about the xdg
mailing list