FreeDesktop.org could create a spec that maintains a table of sha1sums for valid .desktop files which have been installed by the operating system or system administrators. When the .desktop file is launched by the user, if the sha1sum doesn't match any "blessed" .desktop entries the user could be warned and the warning would include the display of the exec line and offered the the ability to "bless" the file for future use.
This does somewhat allow for a new twist to the definition of the term "Trusted Computing". I personally like the idea of also incorporating gnupg signatures into the .desktop files. A field for specifying where to retrieve the signer's public key would also be useful. -Joe Baker _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
