Security issue with .desktop files revisited
Francois Gouget
fgouget at codeweavers.com
Tue Mar 28 17:49:48 EEST 2006
Mike Hearn wrote:
[...]
> Here's an idea - the problem with requiring an EA or +x to be set is it
> breaks backwards compatibility (it'd break Crossover/Wine for one ...).
Well, in my proposal, only untrusted files need the untrusted EA bit
set. So backward compatibility is not broken.
> But what if the logic is inverted - so the absence of +x means a file is
> trusted, and web browsers or email programs set +x when they save a file
> to disk?
Surely, requiring that web browsers and email tools make all the files
they save executable cannot be good for security...
> The +x bit on a .desktop file in the users home dir is then
> treated as a "don't trust" marker.
Which is kind of the opposite of its normal meaning which can be taken
to be 'I trust this file enough that I am willing to execute it'.
--
Francois Gouget
fgouget at codeweavers.com
More information about the xdg
mailing list