relative paths in Exec= in .desktop and .service files
Thiago Macieira
thiago at kde.org
Wed Sep 10 14:24:37 PDT 2014
On Wednesday 10 September 2014 12:31:44 Jon Watte wrote:
> > I also fail to see how having a token is any better than declaring
> > relative
> > paths to be searched from $PWD. Can you shed more light on this
> > suggestion?
>
> $PWD is something that a user or administrator may change for many
> different reasons, not to mention it's different per-user. Relying on this
> for dbus invocation may lead to all kinds of hard-to-debug surprises and
> perhaps open up attack vectors.
That's exactly what I suggested we *not* do.
I suggested that it be relative to where the .desktop file is. That means all
applications and all users accessing the same .desktop file will have the same
behaviour.
I misspoke when I said $PWD. I was probably thinking of qmake project files,
where $$PWD expands to "directory where I found the project file".
> Tying yet-another-thing into that same environment value means that you tie
> more opportunities for failure into a thing users typically fiddle with.
> If the goal is to support alternative or non-standard or isolated installs
> of dbus, then having one place that defines what "search start" means FOR
> THAT INSTALL would be the most robust and secure solution,.
> On Windows, that might be a registry value that is specific to dbus.
> On Linux, that could be a symlink in /etc/alternatives, for example. (This
> is an illustrative example, not a soup-to-nuts considered proposal)
>
> However, I think the system would be simpler and more secure if relative
> search just didn't exist. If the only actual, needed-right-now, reason to
> introduce relative search is for Windows support, then I don't think that
> use case is important enough to relax the potential security and complexify
> the implementation and administration.
Does this clarification change your answer?
Because I don't see how this suggestion adds a security issue.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
Software Architect - Intel Open Source Technology Center
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
More information about the xdg
mailing list