Security issue with .desktop files revisited
Thiago Macieira
thiago at kde.org
Wed Apr 12 22:30:04 EEST 2006
Rodney Dawes wrote:
>actually use their computer. And .desktop files are in fact data and
>not executable scripts. Requiring +x just requires you to make them
>behave more like scripts.
The fact that you can write a whole shell script in the Exec= line
makes .desktop files de-facto scripts. They are shell scripts with a
special syntax and one that allows you to change the icon.
>We need to fix the semantics of the Icon field as well. This is actually
>easy to specify for common desktop applications. We can just rely on the
>naming scheme for application icons that is in the Icon Naming
>Specification, and specify the proper way to deal with types of .desktop
>files which are not Type=Application as well, such as links to webdav or
>smb shares.
Agreed. This makes sense.
>Users are going to just get into the habit of always doing chmod
>+x, as we have already been doing for perl/python/etc... scripts that
>we download off the web.
If they have that habit, they may be doing even nastier things than what a
shell script is capable of. A Perl script could be complex enough to
install backdoors and log keystrokes.
>Setting +x is not a solution, it's a problem.
I don't see how enforcing the bit could cause more harm than right now.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
thiago.macieira (AT) trolltech.com Trolltech AS
GPG: 0x6EF45358 | Sandakerveien 116,
E067 918B B660 DBD1 105C | NO-0402
966C 33F5 F005 6EF4 5358 | Oslo, Norway
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/xdg/attachments/20060412/ce690d7e/attachment.pgp
More information about the xdg
mailing list