.desktop file security
Octavio Alvarez
alvarezp at alvarezp.ods.org
Sun Feb 22 10:07:48 PST 2009
On Sun, 2009-02-22 at 11:13 -0500, Michael Pyne wrote:
> On Sunday 22 February 2009, Vincent Untz wrote:
> > Le samedi 21 février 2009, à 18:07 -0500, Michael Pyne a écrit :
> > > Hi all,
> > >
> > > I'm just writing to let you know that I'm working on changing the
> > > handling of .desktop files for the next major version of KDE. The
> work
> > > itself is being tracked on kde-core-devel but a synopsis of the
> plan is:
> >
> > Here's the thread about this for GNOME:
> >
> http://mail.gnome.org/archives/desktop-devel-list/2009-February/msg00132.ht
> >ml
> >
> > We should make sure to handle this the same way, IMHO.
>
> I'll look at the thread, thanks. I agree we should handle it the same
> way.
I have seen no indication in this or other threads about what to do if
there exists a trusted system .desktop shortcut and an untrusted
user .desktop shortcut.
As of right now, my system replaced the system one with the user one. (I
just tried a "cp". I don't know what are the requirements for the
replacement to be taken place).
More information about the xdg
mailing list