.desktop file security

John Tapsell johnflux at gmail.com
Tue Feb 24 06:49:04 PST 2009

One potential security flaw...

Say there is a   myfile.desktop file that already exists and is
executable.  If a file download overwrites this, it also becomes
executable, since overwriting a file takes on its permissions.

Maybe a user shouldn't be so silly as to agree to overwrite the
existing file, but is there anything we can do to prevent this?


More information about the xdg mailing list