[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: .desktop security changes are committed
From:       Michael Pyne <mpyne () purinchu ! net>
Date:       2009-02-23 23:34:21
Message-ID: 200902231834.25924.mpyne () purinchu ! net
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


On Sunday 22 February 2009, R.F. Pels wrote:
> On Sun 22 February 2009 18.38.21 Michael Pyne wrote:
>
> Now for something completely different but still related...
>
> > Alexander Larsson is handling the same thing for GNOME, and they have
> > changed their file view to only "sniff" for desktop files that are
> > executable or in the system directory, and only files with a .desktop
> > extension. (http://mail.gnome.org/archives/desktop-devel-list/2009-
> > February/msg00132.html)
>
> Hmmm. I've been reading this for a bit, and they used the word
> 'trusted'. That set my mind in gear as to how we can make it possible to
> indeed mark an executable (in whatever form or shape) as trusted.
> Something like signing it perhaps?

In this case it's merely via where it is installed to I'm sure (I think by 
executable he is referring to the .desktop file and not the executable file 
directly).

Regards,
 - Michael Pyne

[Attachment #5 (text/html)]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" \
"http://www.w3.org/TR/REC-html40/strict.dtd"><html><head><meta name="qrichtext" \
content="1" /><style type="text/css">p, li { white-space: pre-wrap; \
}</style></head><body style=" font-family:'Droid Sans Mono'; font-size:10pt; \
font-weight:400; font-style:normal;">On Sunday 22 February 2009, R.F. Pels wrote:<br> \
&gt; On Sun 22 February 2009 18.38.21 Michael Pyne wrote:<br> &gt;<br>
&gt; Now for something completely different but still related...<br>
&gt;<br>
&gt; &gt; Alexander Larsson is handling the same thing for GNOME, and they have<br>
&gt; &gt; changed their file view to only "sniff" for desktop files that are<br>
&gt; &gt; executable or in the system directory, and only files with a .desktop<br>
&gt; &gt; extension. (http://mail.gnome.org/archives/desktop-devel-list/2009-<br>
&gt; &gt; February/msg00132.html)<br>
&gt;<br>
&gt; Hmmm. I've been reading this for a bit, and they used the word<br>
&gt; 'trusted'. That set my mind in gear as to how we can make it possible to<br>
&gt; indeed mark an executable (in whatever form or shape) as trusted.<br>
&gt; Something like signing it perhaps?<br>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;"><br></p>In this case it's merely via where it is installed to I'm \
sure (I think by executable he is referring to the .desktop file and not the \
executable file directly).<br> <p style="-qt-paragraph-type:empty; margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
                text-indent:0px; -qt-user-state:0;"><br></p>Regards,<br>
 - Michael Pyne</p></body></html>


["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic