.desktop file security

John Tapsell johnflux at gmail.com
Tue Feb 24 06:49:04 PST 2009


One potential security flaw...

Say there is a   myfile.desktop file that already exists and is
executable.  If a file download overwrites this, it also becomes
executable, since overwriting a file takes on its permissions.

Maybe a user shouldn't be so silly as to agree to overwrite the
existing file, but is there anything we can do to prevent this?

John


More information about the xdg mailing list