Public bug reported:
### Summary
`.desktop` files generated by user-level tools (such as
`mate-session-properties` or Flatpak installers) are initially untrusted. In
contrast, system-provided `.desktop` files—such as those copied from
`/usr/share/applications/`—are automatically trusted and launch without
warnings.
### Steps to Reproduce
#### Method 1 — Startup Applications
1. Open `mate-session-properties`.
2. Click Add.
3. Enter `mate-calc` for both Name and Command, then click Add again.
4. Open `~/.config/autostart/` in Caja.
5. Select `mate-calc.desktop` and press Enter.
- The following dialog appears:
```
Untrusted application launcher
The application launcher "mate-calc.desktop" has not been marked as
trusted.
If you do not know the source of this file, launching it may be unsafe.
```
- Click Mark as Trusted.
6. The file now appears as `mate-calc` in Caja and launches `mate-calc`
correctly when opened.
#### Method 2 — Flatpak Example
1. Install any Flatpak package.
2. Copy its `.desktop` file from `/home/<user>/.local/share/applications/` to
`~/Desktop/`.
3. Select the copied file and press Enter.
4. The same “Untrusted application launcher” warning appears.
### Expected Behavior
`.desktop` files created through GUI tools such as “Startup Applications
Preferences” should automatically be marked as trusted. They should have the
appropriate metadata or file mode set on creation to prevent the security
dialog from appearing.
### Actual Behavior
User-created or locally generated `.desktop` files lack the correct trust
metadata and executable flag. Caja treats them as untrusted and displays a
warning dialog when opened manually.
### Additional Notes
The untrusted state occurs because these files are missing the
trusted-execution metadata and the binary trailer inserted when a file is
marked trusted. Trusting a launcher manually modifies both file permissions and
content:
f="mate-calc.desktop"
Before trusting:
ls -l $f | grep -o -E '^-.{9}'
→ -rw-rw-r--
file -bi $f
→ text/plain; charset=us-ascii
After trusting:
ls -l $f | grep -o -E '^-.{9}'
→ -rwxrwxr-x
file -bi $f
→ text/plain; charset=binary
The line "#!/usr/bin/env xdg-open" is added to the top of the file,
and a binary null character (\0) is appended at the end.
Attempting to mark the file trusted through `chmod` and `gio` commands
gives executable permission but does not replicate the binary
modification:
f=mate-calc.desktop
chmod +x "$f"
gio set -t string "$f" metadata::xfce-exe-checksum "$(sha256sum "$f" | awk
'{print $1}')"
gio set "$f" metadata::trusted yes
→ file -bi still shows: text/plain; charset=us-ascii
This indicates that the trust operation performed by Caja’s “Mark as
trusted” button does additional processing beyond setting extended
attributes.
### Environment
- MATE Desktop: 1.26.2-1.1build3
- OS: Ubuntu MATE 24.04
- Caja: 1.26.3-1build3
- mate-session-manager: 1.26.1-2build2
** Affects: ubuntu
Importance: Undecided
Status: New
** Description changed:
### Summary
- `.desktop` files generated by user-level tools (such as
`mate-session-properties` or Flatpak installers) are initially untrusted. In
contrast, system-provided `.desktop` files—such as those copied from
`/usr/share/applications/`—are automatically trusted and launch without
warnings.
+ `.desktop` files generated by user-level tools (such as
`mate-session-properties` or Flatpak installers) are initially untrusted. In
contrast, system-provided `.desktop` files—such as those copied from
`/usr/share/applications/`—are automatically trusted and launch without
warnings.
### Steps to Reproduce
#### Method 1 — Startup Applications
- 1. Open `mate-session-properties`.
- 2. Click Add.
- 3. Enter `mate-calc` for both Name and Command, then click Add again.
- 4. Open `~/.config/autostart/` in Caja.
- 5. Select `mate-calc.desktop` and press Enter.
- - The following dialog appears:
- ```
- Untrusted application launcher
+ 1. Open `mate-session-properties`.
+ 2. Click Add.
+ 3. Enter `mate-calc` for both Name and Command, then click Add again.
+ 4. Open `~/.config/autostart/` in Caja.
+ 5. Select `mate-calc.desktop` and press Enter.
+ - The following dialog appears:
+ ```
+ Untrusted application launcher
- The application launcher "mate-calc.desktop" has not been marked as
trusted.
- If you do not know the source of this file, launching it may be unsafe.
- ```
- - Click Mark as Trusted.
+ The application launcher "mate-calc.desktop" has not been marked as
trusted.
+ If you do not know the source of this file, launching it may be unsafe.
+ ```
+ - Click Mark as Trusted.
6. The file now appears as `mate-calc` in Caja and launches `mate-calc`
correctly when opened.
#### Method 2 — Flatpak Example
- 1. Install any Flatpak package.
- 2. Copy its `.desktop` file from `/home/<user>/.local/share/applications/` to
`~/Desktop/`.
- 3. Select the copied file and press Enter.
+ 1. Install any Flatpak package.
+ 2. Copy its `.desktop` file from `/home/<user>/.local/share/applications/` to
`~/Desktop/`.
+ 3. Select the copied file and press Enter.
4. The same “Untrusted application launcher” warning appears.
### Expected Behavior
`.desktop` files created through GUI tools such as “Startup Applications
Preferences” should automatically be marked as trusted. They should have the
appropriate metadata or file mode set on creation to prevent the security
dialog from appearing.
### Actual Behavior
User-created or locally generated `.desktop` files lack the correct trust
metadata and executable flag. Caja treats them as untrusted and displays a
warning dialog when opened manually.
-
- ### Environment
- - MATE Desktop: 1.26.2-1.1build3
- - OS: Ubuntu MATE 24.04
- - Caja: 1.26.3-1build3
- - mate-session-manager: 1.26.1-2build2
### Additional Notes
The untrusted state occurs because these files are missing the
trusted-execution metadata and the binary trailer inserted when a file is
marked trusted. Trusting a launcher manually modifies both file permissions and
content:
f="mate-calc.desktop"
Before trusting:
ls -l $f | grep -o -E '^-.{9}'
→ -rw-rw-r--
file -bi $f
→ text/plain; charset=us-ascii
After trusting:
ls -l $f | grep -o -E '^-.{9}'
→ -rwxrwxr-x
file -bi $f
→ text/plain; charset=binary
The line "#!/usr/bin/env xdg-open" is added to the top of the file,
and a binary null character (\0) is appended at the end.
Attempting to mark the file trusted through `chmod` and `gio` commands
gives executable permission but does not replicate the binary
modification:
f=mate-calc.desktop
chmod +x "$f"
gio set -t string "$f" metadata::xfce-exe-checksum "$(sha256sum "$f" | awk
'{print $1}')"
gio set "$f" metadata::trusted yes
→ file -bi still shows: text/plain; charset=us-ascii
This indicates that the trust operation performed by Caja’s “Mark as
trusted” button does additional processing beyond setting extended
attributes.
+
+ ### Environment
+ - MATE Desktop: 1.26.2-1.1build3
+ - OS: Ubuntu MATE 24.04
+ - Caja: 1.26.3-1build3
+ - mate-session-manager: 1.26.1-2build2
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2130434
Title:
.desktop files are marked as "Untrusted application launcher" until
manually verified
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/2130434/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
