.desktop file security

Patryk Zawadzki patrys at pld-linux.org
Tue Feb 24 07:45:48 PST 2009


On Tue, Feb 24, 2009 at 3:23 PM, Thiago Macieira <thiago at kde.org> wrote:
> Em Terça-feira 24 Fevereiro 2009, às 15:05:04, Patryk Zawadzki escreveu:
>> What comes to mind is why would we want to use the executable bit for
>> non-executable files? I don't want my shell to tab-complete commands
>> that are not executable, be it .desktop, .mp3 or .foobar. If we
>> absolutely need to use the +x flag, use it only if extended attrs are
>> not provided or not available.
> .desktop files of Type=Application are executable. We just need a suitable
> loader for them.

For the record: even if we requrie this specific file type to be
executable AND provide a binfmt launcher (please don't add the
xdg-open shebang, it's an ugly workaround), it still does not solve
much in "the big picture". It's still perfectly possible to create a
desktop file, mark it as executable then archive it and send it to
your friend (naming it pr0n.tar.gz).

I think the "big picture" needs marking files as safe in general, be
it desktop files or Word docs with macros. Basically any kind of
useful automation needs a sandboxing mechanism of some sort and we
could try to aid ourselves using the extended attributes to do so.

-- 
Patryk Zawadzki


More information about the xdg mailing list