Security issue with .desktop files revisited
Francois Gouget
fgouget at codeweavers.com
Tue Mar 28 19:01:52 EEST 2006
Mike Hearn wrote:
[...]
> right now +x on such a file is meaningless anyway.
One more thing, the above remark is in fact pretty insightful: normal
desktop files are not programs, neither of the shell or of the ELF kind.
They are data files. Running them does not work. Only malicious desktop
files can actually be run when marked +x.
Marking a large number of non-runnable data files as executables for
whatever reason cannot be a good idea:
* When a user sees a file called 'foo.desktop' that is executable then
he rightly expects './foo.desktop' to do something meaningful. Marking
desktop files +x breaks this expectation which in the best case is going
to lead to lots of support questions.
* It also leds to confusion as to exactly what the +x bit means.
* It would be very much akin to marking jpeg files as executable to
prevent some of them from exploiting buffer overflows in graphics programs.
Now if desktop files were to start with '#!/usr/bin/whatever', then
making the trusted ones executable could make sense.
--
Francois Gouget
fgouget at codeweavers.com
More information about the xdg
mailing list