.desktop files, serious security hole, virus-friendliness

Loïc Minier lool+freedesktop at via.ecp.fr
Thu Jan 25 03:24:07 PST 2007

On Thu, Jan 25, 2007, Stanislav Brabec wrote:
> But because pattern "*.jpg " has no MIME association, shared-mime-info
> offers no warning, that file which conforms defined magic but does not
> have name in form "*.desktop" is suspicious.
> glob pattern and magic in shared mime info mean: Recognize MIME type, if
> file has suffix OR file conforms magic. In this case, we need AND (or
> remove magic at all).

 Yes, I agree with the analysis.  FYI, I was pointed at how the Xfce
 file manager works around this:

/* check if the file tries to look like a regular document (i.e.
 * a display name of 'file.png'), maybe a virus or other malware.
fake_mime_info = thunar_vfs_mime_database_get_info_for_name (_thunar_vfs_mime_database, str);
if (fake_mime_info != _thunar_vfs_mime_application_octet_stream && fake_mime_info != info->mime_info)
    /* release the previous mime info */
    thunar_vfs_mime_info_unref (info->mime_info);

    /* set the MIME type of the file to 'x-thunar/suspected-malware' to indicate that
     * it's not safe to trust the file content and execute it or otherwise operate on it.
    info->mime_info = thunar_vfs_mime_database_get_info (_thunar_vfs_mime_database, "x-thunar/suspected-malware");

    /* reset the executable flag */

    /* reset the custom icon */
    g_free (info->custom_icon);
    info->custom_icon = NULL;

    /* reset the name str, so we display the real file name */
    name = NULL;

 So, I suppose the same could be done for gnome-vfs/nautilus but I am
 not sure where the relevant code is.

Loïc Minier <lool at dooz.org>

More information about the xdg mailing list