.desktop file security

Simon McVittie simon.mcvittie at collabora.co.uk
Tue Feb 24 04:40:33 PST 2009

On Tue, 24 Feb 2009 at 13:29:05 +0100, Alexander Larsson wrote:
> On Tue, 2009-02-24 at 11:13 +0000, John Tapsell wrote:
> > It's dangerous not to.  If it's marked as executable, and you execute
> > it, it will try to be parsed by bash.  Most of the time this will just
> > generate lots of "file not found" errors as bash tries to understand
> > it, but it seems pretty dangerous to rely on this!
> Really, even if there is no #!/bin/sh ? How does it know to pick bash as
> the interpreter for files like this?

More accurately, /bin/sh will try to parse it (executable files that
have no #! and no magic number recognised by the kernel are executed with
/bin/sh). /bin/sh happens to be bash on most distributions, at least by
default (but is dash on Ubuntu and on some Debian systems).


More information about the xdg mailing list