
List:       kde-core-devel
Subject:    Re: Update on progress [PATCH]
From:       Hans Meine <hans_meine () gmx ! net>
Date:       2009-03-03 9:32:19
Message-ID: 200903031032.21011.hans_meine () gmx ! net

On Saturday 21 February 2009 20:14:31 Michael Pyne wrote:
> On Saturday 21 February 2009, John Tapsell wrote:
> > In the screenshot, the text service 'mileage tracker' comes from the
> > untrusted .desktop file itself right?  So couldn't the malicious
> > .desktop file put any service name?  Such as "system.  This is a vital
> > service - so you must click continue or risk breaking your system."
>
> Yes.  Hmm, every part of the .desktop file is untrusted, including the
> filename.  I wonder what makes sense to put instead, if anything.  I'd
> rather not leave the dialog completely devoid of a clue as to what the
> service is. (We will have the Exec= line once I get the Details button to
> work)

How about proper "quoting" then?  I.e. explicitly state:

  You are about to run a service not marked as executable program.
  The service identifies itself as:

     mileage tracker

  This could be ...

(The indented part could be in a different color / group box / ... such that 
it is more apparent if the .desktop file tries to spoof a dialog box text.)

HTH,
  Hans
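
Visual quoting of the service name only holds if the untrusted value cannot span several lines or carry markup. The following is an added example, not part of the original message and not KDE code: `sanitizeServiceName`, `formatQuotedPrompt` and the 40-byte limit are hypothetical, and the HTML escaping assumes the dialog label would otherwise interpret rich text.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// Hypothetical helper, not KDE code: reduce the untrusted Name= value to one
// bounded line with no markup, so it cannot imitate the dialog's own text.
std::string sanitizeServiceName(const std::string &raw, std::size_t maxLen = 40)
{
    std::string line;
    bool pendingSpace = false;
    for (unsigned char c : raw) {
        // Fold newlines, tabs and other control bytes into a single space.
        if (c <= 0x20 || c == 0x7f) { pendingSpace = !line.empty(); continue; }
        if (pendingSpace) { line += ' '; pendingSpace = false; }
        line += static_cast<char>(c);
    }
    // Bound the length; back off so a UTF-8 sequence is never cut in half.
    std::size_t cut = line.size() > maxLen ? maxLen : line.size();
    while (cut > 0 && cut < line.size() && (static_cast<unsigned char>(line[cut]) & 0xC0) == 0x80)
        --cut;
    // Escape after truncating so a rich-text label shows markup literally.
    std::string out;
    for (std::size_t i = 0; i < cut; ++i) {
        switch (line[i]) {
        case '&': out += "&amp;"; break;
        case '<': out += "&lt;"; break;
        case '>': out += "&gt;"; break;
        case '"': out += "&quot;"; break;
        default: out += line[i];
        }
    }
    return cut < line.size() ? out + "..." : out;
}

// Dialog text in the shape proposed above: the name sits alone on an indented line.
std::string formatQuotedPrompt(const std::string &untrustedName)
{
    return "You are about to run a service not marked as executable program.\n"
           "The service identifies itself as:\n\n     "
           + sanitizeServiceName(untrustedName) + "\n";
}

int main()
{
    // Constructed input modelled on the spoofing attempt quoted in the thread.
    std::cout << formatQuotedPrompt("system.\nThis is a <b>vital</b> service");
}
```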