Security issue with .desktop files revisited

Francois Gouget fgouget at codeweavers.com
Thu Apr 13 02:22:00 EEST 2006


Egbert van der Wal wrote:
[...]
> I would say a more appropriate approach would be to classify the command
> in a few cases:
> 1) The command executed is a program/script in the user's home-directory
> or some other user-writable location (which increases the risk of it
> being malware)
> 2) The command executed is a program/script in /bin, which are
> generally more dangerous than other executables (rm, mv and others reside
> there)
> 3) The command executed is a program/script in /usr/bin, which are
> generally (but not always, of course) safer to use.

This simply won't work. It will get it wrong at the very least 50% of 
the time and any action taken on this will thus irritate and be ignored 
by users. Determining whether a command is safe or not requires 
intelligence and knowledge, neither of which a computer has.


> As the
> situation now is, .desktop files aren't more executable than .sh files
> without a +x bit set; those too can be executed by doing 'sh script.sh',
> same as .desktop files with a different parser.

A .sh file that does not have the +x bit set cannot be run by clicking 
on it in a file browser or on the desktop.
A .desktop file does run in that case.

-- 
Francois Gouget
fgouget at codeweavers.com
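
The difference described in the message above can be audited on a system. This added example (not code from the thread or from any desktop environment) walks a directory and lists .desktop files that carry an Exec= line but have no execute bit set, which is the case where a click launches the .desktop file but not an equivalent .sh file. The function names and the sample files are constructed for illustration.

```python
import os
import stat
import tempfile

X_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH

def read_exec(path):
    """Return the Exec= value from the [Desktop Entry] group, or None."""
    in_entry = False
    with open(path, encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.strip()
            if line.startswith("["):          # group header
                in_entry = line == "[Desktop Entry]"
            elif in_entry and not line.startswith("#") and "=" in line:
                key, _, value = line.partition("=")
                if key.strip() == "Exec":
                    return value.strip()
    return None

def find_unmarked_launchers(root):
    """(path, command) for regular .desktop files with an Exec= line
    but no execute bit set for user, group or other."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if (not name.endswith(".desktop") or not stat.S_ISREG(mode)
                    or mode & X_BITS):        # skip files marked executable
                continue
            command = read_exec(path)
            if command is not None:
                findings.append((path, command))
    return findings

def demo():
    # Constructed sample files, not taken from the thread.
    samples = {
        "notes.desktop": (0o644, '[Desktop Entry]\nType=Application\nExec=sh -c "echo constructed-sample"\n'),
        "marked.desktop": (0o755, "[Desktop Entry]\nType=Application\nExec=true\n"),
        "link.desktop": (0o644, "[Desktop Entry]\nType=Link\nURL=https://example.invalid/\n"),
        "script.sh": (0o644, "#!/bin/sh\necho constructed-sample\n"),
    }
    with tempfile.TemporaryDirectory() as root:
        for name, (mode, body) in samples.items():
            path = os.path.join(root, name)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(body)
            os.chmod(path, mode)
        return [(os.path.basename(p), c) for p, c in find_unmarked_launchers(root)]
```

Calling `find_unmarked_launchers` on a download or desktop directory returns each unmarked launcher with the command it would run, so the command can be reviewed before anyone clicks the file.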



