[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: requiring .desktop files to be executable ?
From:       Alex Merry <kde () randomguy3 ! me ! uk>
Date:       2009-02-18 18:57:48
Message-ID: 200902181857.49205.kde () randomguy3 ! me ! uk
[Download RAW message or body]


On Wednesday 18 February 2009 12:04:00 Jaime wrote:
> Forgive me if this is a dup (but is not shown in the mailing list
> archives).
>
> Why not let an anti-troyan, anti-virus (clamav?) or whatever check
> every .desktop file searching for malicious code in the exec line?
> They are the experts in those kinds of treats.
> For example, user created .desktop files with the command "rm -r
> $HOME/.*". (why not?)

Because then we would depend on some anti-virus product (not very common in 
the UNIX world) and it wouldn't catch all cases.  What if you had an 
innocuous-looking program "foo" that did the rm -rf $HOME/.*?  And I'm not 
sure there are products that would do what we want here.

Oh, and it would probably slow down application startup quite a bit.

Alex

-- 
Why have I got six monitors?  Because I haven't got room for eight.
  -- Terry Pratchett


["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]