Rodney Dawes wrote:
>>>I'd propose to optionally include a digital signature for the Exec field
>>>(i.e. add an ExecSignature field to the spec) and let the file manager
>>>ask the user whether he/she trusts the signee or pop up a warning if no
>>>signature is present. Distributions should then ship with a good default
>>>set of trusted certificates (i.e. for Gnome, KDE, Xfce, etc.), so users
>>>shouldn't see the warning unless they're trying to execute a
>>>virus.desktop or a .desktop file whose signee is not yet in the trustdb.
>>
>>[I'm not trying to shoot your idea down; I'm just raising some discussion
>>points]
>>
>>How would this work for user-created files? Should the desktop
>>automatically sign the files? Should we require each and every user to
>>have a GPG key?
>
> Should it be GPG? What about S/MIME?

It doesn't need to be GPG.

> Do we really need a signature and
> yet another dialog to pop up and annoy the user? Shouldn't we only pop
> up things like this when we /know/ there is an issue?

The user shouldn't see the dialog usually. Only if the system is unable to
verify the signature, which should only happen in case of a bogus .desktop
file (i.e. a virus), as systems should ship with a sane trustdb. Of course,
this will take time to implement for all desktop environments, but in the
end should be more secure than testing the x bit.

Just an idea, tho...

> -- dobey

Benedikt
