[PATCH] .desktop security ++

Michael Pyne mpyne at purinchu.net
Sun Feb 22 02:43:53 GMT 2009


On Saturday 21 February 2009, Michael Pyne wrote:
> Hi all,
>
> I've implemented the auto-exec-bit-ifying of .desktop files in KRun and
> made the changes suggested in the last couple of threads, including using
> owned-by- root as an exception as originally discussed instead of merely
> "not writable by user".
>
> Currently the work is in 3 patches (all attached):

2 more patches now to fix the Link to Application template (for a total of 5):

patch 4 simply adds the #!/usr/bin/env xdg-open header to the Application 
template desktop file

patch 5 adds support for adding the +x bit to new application links.  Only the 
user's executable bit is added, is it a good idea to add owner/group as well?  
I made sure to use KIO in case a Link to Application is created remotely, so 
that part works even remotely (KPropertiesDialog, as it turns out, did not 
though :( ).

I would assume Plasma would still need to be fixed as well but I haven't 
looked at it yet.

Finally, I'm still uneasy at having a dialog that can be clicked-thru for 
.desktop files to run them this way.  So what do you think about having some 
kind of minimum-time-to-dialog where if the user tries to click on the 
.desktop file within, say, 10 minutes of creating it that it simply opens up 
its properties dialog?  After 10 minutes the dialog would appear on click.  
Note that this would only happen after creating a .desktop file not via Plasma 
(since that will be fixed) or Link to Application.

Regards,
 - Michael Pyne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090221/499378fa/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: brouhaha-005-kpropertiesdialog.patch
Type: text/x-patch
Size: 1279 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090221/499378fa/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: brouhaha-004-program-template.patch
Type: text/x-patch
Size: 312 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090221/499378fa/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090221/499378fa/attachment.sig>


More information about the kde-core-devel mailing list