requiring .desktop files to be executable ?

John Tapsell johnflux at gmail.com
Wed Feb 25 02:12:17 GMT 2009


2009/2/24 David Faure <faure at kde.org>:
> On Tuesday 24 February 2009, Roland Harnau wrote:
>> 2009/2/23, David Faure <faure at kde.org>:
>> > On Monday 23 February 2009, Roland Harnau wrote:
>>
>> >> Your commit addresses the direct security threat, but the question
>> >> remains in what way should the spec be extended. Requiring .desktop
>> >> files to have  executable bit and shebang line dependent on an
>> >> optional key will for sure cause some inconsinstencies.
>> >
>> > It's not about the optional key Exec, it's about Type=Application desktop
>> > files.  Ok that key is optional too, but Application is the default value. There are
>> > only a few kinds of desktop files, this security thing is about the Application
>> > kind. The plasma desktop files you are talking about are Type=Service desktop
>> > files, so those are completely unrelated to this (they certainly never end up in
>> > klauncher or KRun anyway).
>>
>> Desktop files with Type=Service are not related to the
>> Type=Application (which should imply the Exec key) the  ones by this
>> security issue, but they are clearly of the same file type. Setting
>> the executable bit not by file type but by some internal criteria
>> leads some oddities especially in the migration phase, e.g. a .desktop
>> file without exec bit can be
>>
>> (1) not of Type=Application
>> (2) legacy with Type=Application
>> (3) possible harmful with Type=Application
>>
>> and it  is not easily possible to keep them apart, at  least not
>> without parsing and applying some complex logic in the lines of what
>> Michael did.
>
> Sure. So?
> "A file named foo.txt could contain text or something else and it's not
> easily possible to keep them apart without parsing it". Obviously.
>
> There is no migration tool, users are supposed to make executable by hand
> the few desktop files that they use from $HOME or Desktop... Only they can
> tell if it's (1) (2) or (3), that's the whole point of the security measure.

>From the xdg list, the gnome guys are adding a migration tool.  Might
be worth you joining and voicing your objections against the idea
there.

JohnFlux




More information about the kde-core-devel mailing list