On Wed, Apr 05, 2006 at 12:20:35AM +0100, Scott James Remnant wrote: > On Tue, 2006-04-04 at 20:03 +0100, Mark Seaborn wrote: > > > One problem with using the executable bit on .desktop files is that > > the executable bit could become set without any special action by the > > user. > > > In particular, if saved to a FAT partition (USB drive) or similar.
hm. If there are crippled filesystems mounted, having +x for all files, that's a whole separate problem. as someone pointed out, it's orthogonal to this problem - ANY sort of executable can be saved off the net onto a FAT or flash drive and directly executed on a unix system. This is a different question altogether - I suppose such drives should not by default be mounted with the +x bit set. But this is a much less likely vector for malware. I don't think many people have their ~/Desktop on a FAT filesystem! although they might download things to a USB drive by default. Concerning archives, this is again a much less serious problem as the user would have to go through more steps of accident/naivity in order to execute the file. I would recommend that files should not be directly executed from an archive, or that a warning should be given. But again, this is an orthogonal problem, it's not specific to .desktop files. At the moment, I am only wanting to deal with one problem, which is that .desktop files can be downloaded and executed off the web or from email attachments MUCH MORE EASILY than any other type of file. The last time something like this was possible to my knowledge, was when the wine package for Debian included a mailcap entry that would invoke "wine" to run any *.exe file even if it is not marked with the +x bit. I protested about that, and I suppose other people did too, because they fixed the problem. > A different approach would be a standard for saving of attachments and > files downloaded from the Internet. E-mail clients, Web browsers, etc. > would honour this standard, and declare their support for it as a > feature. This would be too difficult to implement given the enormous variety of e-mail clients and browsers. Happily we don't yet have such a plethora of freedesktop-compilant desktop environments, so it is still possible to fix this problem easily in the right way. Does anyone other than me think my proposed solution might be the right thing to do? or can you offer some "tweaks" and criticisms to make it better? If so, I'm happy to have a go at implementing it. Sam _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
