From kde-core-devel  Mon Feb 23 23:34:21 2009
From: Michael Pyne <mpyne () purinchu ! net>
Date: Mon, 23 Feb 2009 23:34:21 +0000
To: kde-core-devel
Subject: Re: .desktop security changes are committed
Message-Id: <200902231834.25924.mpyne () purinchu ! net>
X-MARC-Message: https://marc.info/?l=kde-core-devel&m=123543211409853
MIME-Version: 1
Content-Type: multipart/mixed; boundary="--nextPart7698121.1FMcyfLHDN"

--nextPart7698121.1FMcyfLHDN
Content-Type: multipart/alternative;
  boundary="Boundary-01=_+JzoJJ8e4QbLn9A"
Content-Transfer-Encoding: 7bit

--Boundary-01=_+JzoJJ8e4QbLn9A
Content-Type: text/plain;
  charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable

On Sunday 22 February 2009, R.F. Pels wrote:
> On Sun 22 February 2009 18.38.21 Michael Pyne wrote:
>
> Now for something completely different but still related...
>
> > Alexander Larsson is handling the same thing for GNOME, and they have
> > changed their file view to only "sniff" for desktop files that are
> > executable or in the system directory, and only files with a .desktop
> > extension. (http://mail.gnome.org/archives/desktop-devel-list/2009-
> > February/msg00132.html)
>
> Hmmm. I've been reading this for a bit, and they used the word
> 'trusted'. That set my mind in gear as to how we can make it possible to
> indeed mark an executable (in whatever form or shape) as trusted.
> Something like signing it perhaps?

In this case it's merely via where it is installed to I'm sure (I think by=
=20
executable he is referring to the .desktop file and not the executable file=
=20
directly).

Regards,
 - Michael Pyne

--Boundary-01=_+JzoJJ8e4QbLn9A
Content-Type: text/html;
  charset="iso-8859-15"
Content-Transfer-Encoding: 7bit

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"><html><head><meta name="qrichtext" content="1" /><style type="text/css">p, li { white-space: pre-wrap; }</style></head><body style=" font-family:'Droid Sans Mono'; font-size:10pt; font-weight:400; font-style:normal;">On Sunday 22 February 2009, R.F. Pels wrote:<br>
&gt; On Sun 22 February 2009 18.38.21 Michael Pyne wrote:<br>
&gt;<br>
&gt; Now for something completely different but still related...<br>
&gt;<br>
&gt; &gt; Alexander Larsson is handling the same thing for GNOME, and they have<br>
&gt; &gt; changed their file view to only "sniff" for desktop files that are<br>
&gt; &gt; executable or in the system directory, and only files with a .desktop<br>
&gt; &gt; extension. (http://mail.gnome.org/archives/desktop-devel-list/2009-<br>
&gt; &gt; February/msg00132.html)<br>
&gt;<br>
&gt; Hmmm. I've been reading this for a bit, and they used the word<br>
&gt; 'trusted'. That set my mind in gear as to how we can make it possible to<br>
&gt; indeed mark an executable (in whatever form or shape) as trusted.<br>
&gt; Something like signing it perhaps?<br>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br></p>In this case it's merely via where it is installed to I'm sure (I think by executable he is referring to the .desktop file and not the executable file directly).<br>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br></p>Regards,<br>
 - Michael Pyne</p></body></html>
--Boundary-01=_+JzoJJ8e4QbLn9A--

--nextPart7698121.1FMcyfLHDN
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEABECAAYFAkmjMoEACgkQqjQYp5Omm0peDgCfUNLeYJ1mxOGktXZFc9yDNK+4
n5YAoKX7foEM27yiXPgDgKqIDOokOQ+E
=ELeQ
-----END PGP SIGNATURE-----

--nextPart7698121.1FMcyfLHDN--