.desktop file security
Simon McVittie
simon.mcvittie at collabora.co.uk
Tue Feb 24 04:40:33 PST 2009
On Tue, 24 Feb 2009 at 13:29:05 +0100, Alexander Larsson wrote:
> On Tue, 2009-02-24 at 11:13 +0000, John Tapsell wrote:
> > It's dangerous not to. If it's marked as executable, and you execute
> > it, it will try to be parsed by bash. Most of the time this will just
> > generate lots of "file not found" errors as bash tries to understand
> > it, but it seems pretty dangerous to rely on this!
>
> Really, even if there is no #!/bin/sh ? How does it know to pick bash as
> the interpreter for files like this?
More accurately, /bin/sh will try to parse it (executable files that
have no #! and no magic number recognised by the kernel are executed with
/bin/sh). /bin/sh happens to be bash on most distributions, at least by
default (but is dash on Ubuntu and on some Debian systems).
Simon
More information about the xdg
mailing list