On Wednesday 11 February 2009, Alexander Neundorf wrote:
> Hi,
>
> here's an article and comments about potential security problems
> with "executing" .desktop files although they are not executable:
> http://lwn.net/Articles/318755/
>
> Should we do something about it ?

 As the article says, this isn't a "new" issue. It was slightly touched 
here:
http://lists.kde.org/?l=kde-core-devel&m=120152754809060&w=2

Andras