IMO the root of the issue is the abuse of the executable bit for things that aren't executable. I posted about this a few years ago, the last time a series of .desktop vulnerabilities came up:
https://www.openwall.com/lists/oss-security/2017/11/08/10 I'm only mentioning it here for posterity; I just realized that I never came back to comment on this bug. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1327791 Title: Security warning about just created Xubuntu desktop shortcut To manage notifications about this bug go to: https://bugs.launchpad.net/thunar/+bug/1327791/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
