On Thursday 07 July 2005 13:33, Mike Hearn wrote:
> Waldo Bastian wrote:
> > First draft, your feedback is highly appreciated.
> >
> > A desktop environment MUST NOT automatically start an application if
> > the corresponding .desktop file has NOT been marked as executable.
>
> There should be some rationale for this in the spec. Marking .desktop
> files +x isn't especially difficult for installers, but:
>
> 1) Why is it necessary?

In previous discussion surrounding .desktop files it was considered a useful step to increase security (slightly). So I wanted to add it here right from the start.

> 2) What about noexec mounted home dirs?

That's a good point. Should a user be able to execute shell code located on such a home dir? Is ~/.profile parsed in such a setup?

> 3) For the case of auto-starting on external media eg CD-ROMs and USB
> Keys, they may be formatted with a filing system that does not
> understand the concept of the UNIX +x bit. What do people who want
> auto-start files in this situation do?

They will need to understand the notion of "executable", no? How else would a user be able to start an application from the media without auto-start?

> I flicked through the original thread but didn't find any discussion of
> this requirement. As discussed previously on xdg-list, +x
> bits/noexec-mounts do not add any real security as they are easily
> circumvented by anybody who knows what they're doing, and for naive
> users they just add "security through obscurity" which doesn't help much
> either.

Cheers,
Waldo
