Security issue with .desktop files revisited
thiago at kde.org
Thu Mar 23 21:06:54 EET 2006
Mike Hearn wrote:
>On Thu, 23 Mar 2006 17:55:26 +0100, Thiago Macieira wrote:
>> I don't see how it is any different from .desktop files with:
>> Exec=/bin/sh -c 'cd ; rm -rf *'
>> (don't run that!)
>It's not really, except you can write longer programs and even run
>arbitrary ELF programs too.
The possibility of embedding one format inside another while both are
still completely valid exists for many other formats. You can find many
examples out there that do that. Doing so for .desktop files is no
>Perhaps a more complicated system would work better ... +x bit is only
>needed if the Exec line does not contain an absolute path?
The example could be written to call Exec=sh ....
instead of Exec=/bin/sh -c ...
This doesn't help at all.
>> If we require the latter to be executable, why not the former?
>Well, I was never convinced the +x bit was a good idea, problem is that
> if it's off this doesn't give the user any information they didn't
> already know. So why would they change their decision? They double
> clicked it, right? The best you could do is some kind of warning, "This
> file is a program. If you continue, it may do anything you can do. Only
> proceed if you trust the origin of this file." But people often ignore
> or click through such warnings without really considering them.
This warning would show up for each and every .desktop file that the user
clicked on, on the file manager and on the desktop. It would be really
annoying to click on your mail program on your desktop and get a
warning "you clicked on an icon that runs a program. Do you want to run
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
thiago.macieira (AT) trolltech.com Trolltech AS
GPG: 0x6EF45358 | Sandakerveien 116,
E067 918B B660 DBD1 105C | NO-0402
966C 33F5 F005 6EF4 5358 | Oslo, Norway
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 191 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/xdg/attachments/20060323/eb0cfd10/attachment.pgp
More information about the xdg