Security issue with .desktop files revisited

Dave Cridland dave at
Tue Mar 28 22:47:46 EEST 2006

On Tue Mar 28 20:40:46 2006, Francois Gouget wrote:
> I was thinking more of something along the lines of 
> '#!/usr/bin/run_desktop_file'. Desktop files are equivalent to 
> shell scripts anyway. The only thing missing is that one cannot use 
> them transparently because exec() does not know what to do with 
> them. This limits their use to a few Freeesktop-aware applications. 
> Adding the above line and making _trusted_ desktop files executable 
> would fix this oversight.

Hmmm... Of course, "launching" a desktop file could be done by simply 
executing it, then, which makes quite a bit of sense.

           You see things; and you say "Why?"
   But I dream things that never were; and I say "Why not?"
    - George Bernard Shaw

More information about the xdg mailing list