requiring .desktop files to be executable ?
Alex Merry
kde at randomguy3.me.uk
Wed Feb 18 18:57:48 GMT 2009
On Wednesday 18 February 2009 12:04:00 Jaime wrote:
> Forgive me if this is a dup (but is not shown in the mailing list
> archives).
>
> Why not let an anti-troyan, anti-virus (clamav?) or whatever check
> every .desktop file searching for malicious code in the exec line?
> They are the experts in those kinds of treats.
> For example, user created .desktop files with the command "rm -r
> $HOME/.*". (why not?)
Because then we would depend on some anti-virus product (not very common in
the UNIX world) and it wouldn't catch all cases. What if you had an
innocuous-looking program "foo" that did the rm -rf $HOME/.*? And I'm not
sure there are products that would do what we want here.
Oh, and it would probably slow down application startup quite a bit.
Alex
--
Why have I got six monitors? Because I haven't got room for eight.
-- Terry Pratchett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090218/16978dba/attachment.sig>
More information about the kde-core-devel
mailing list