Egbert van der Wal wrote: [...]
I would say a more appropriate approach would be to classify the command in a few cases: 1) The command executed is a program/script in the user's home-directory or some other user-writable location(which increases the risk of it being malware) 2) The command executed is an program/script in /bin, which are generally more dangerous than other executables(rm, mv and others reside there) 3) The command executed is a program/script in /usr/bin, which are generally(but not always ofcourse) safer to use.
This simply won't work. It will get it wrong at the very least 50% of the time and any action taken on this will thus irritate and be ignored by users. Determining whether a command is safe or not requires intelligence and knowledge, neither of which a computer has.
As the situation now is, .desktop files aren't more executable than .sh files without a +x bit set; those too can be executed by doing 'sh script.sh', same as .desktop files with a different parser.
A .sh file that does not have the +x bit set cannot be run by clicking on it in a file browser or on the desktop.
A .desktop file does run in that case. -- Francois Gouget [EMAIL PROTECTED] _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
