On Saturday, February 11, 2017 7:24:11 AM UTC Martin Gräßlin wrote:
> What I don't like in general is that this is all happening as $user.
> Thus any malicious program running as $user can also just change the
> list of trusted Exec= values.
>
> So my suggestion is: let's use polkit.
>
> The
Am 2017-02-10 19:56, schrieb Fabian Vogt:
Hi,
The reddit post "How to easily trick $FILE_MANAGER users to execute
arbitrary code"
(https://www.reddit.com/r/linux/comments/5r6va0) spawned a discussion
about .desktop files.
Thanks for bringing up this important topic! (Although I get more and
Hi,
The reddit post "How to easily trick $FILE_MANAGER users to execute arbitrary
code"
(https://www.reddit.com/r/linux/comments/5r6va0) spawned a discussion about
.desktop files.
This is normally just a minor security issue as it requires manual user
interaction. However,
Plasma's
