
Re: Security Issue of .desktop files



On Tue, 24 Feb 2009 23:44:31 +0100, Yves-Alexis Perez wrote:
> > here is
> > a .desktop file that looks like it is iceweasel, but really it
> > downloads an essentially random file, but I could have made it do
> > pretty much anything.
> 
> Yes, tests may need to be narrowed. That should be part of the spec,
> though.

It seems like it will be error-prone, troublesome, and a lot of work to
come up with enough robust test cases that can prevent all potential
attack vectors (especially if it's on a deny per-application basis).
Does it even make sense for anyone to be spending time on this?
Ultimately there are going to be holes, and that's where attackers will
get through; they have a lot more time to mess around and think
about this stuff than most of us.

Requiring '+x' has got to be the best, easiest, most straightforward,
and most robust solution on the table. In order for a malicious
launcher file to work, users will have to be smart enough to be able to
use chmod, and if that's the case then they'll know something
suspicious is going on if someone tells them to do it. (Chmod is required
because, for example, thunar does not allow the user to modify the
executable bit, and I hope nautilus/dolphin behave the same.)

It's going to take some effort to get this solution implemented, but
it's the right thing to do, and Debian should plan to proceed forward
with that.

Regards,
Mike
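
The '+x' requirement discussed in this message, sketched as an added example that is not part of the original mail and not code from any file manager. The function names, the sample launcher and the choice to treat any execute bit as '+x' are assumptions made for illustration; the Exec line is only reported, never run.

```python
import os
import stat
import tempfile

def read_desktop_entry(path):
    """Return the key/value pairs of the [Desktop Entry] group."""
    entry, in_group = {}, False
    with open(path, encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            if line.startswith("["):
                in_group = (line == "[Desktop Entry]")
                continue
            if in_group and "=" in line:
                key, value = line.split("=", 1)
                entry.setdefault(key.strip(), value.strip())
    return entry

def launch_decision(path):
    """Return (allowed, message); the Exec command is never executed."""
    entry = read_desktop_entry(path)
    name = entry.get("Name", "(no Name)")
    command = entry.get("Exec", "(no Exec)")
    mode = os.stat(path).st_mode
    # Assumption: "+x" means a regular file with at least one execute bit set.
    if not stat.S_ISREG(mode) or not mode & 0o111:
        return False, f"refused: {name!r} is not marked executable; Exec is {command!r}"
    return True, f"allowed: {name!r} would run {command!r}"

def demo():
    # Constructed sample: Name and Icon claim a browser, Exec is something else.
    sample = ("[Desktop Entry]\nType=Application\nName=Iceweasel\n"
              "Icon=iceweasel\nExec=/bin/echo placeholder-for-any-command\n")
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "iceweasel.desktop")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(sample)
        os.chmod(path, 0o644)   # as saved from a download or mail attachment
        before = launch_decision(path)
        os.chmod(path, 0o755)   # the explicit chmod +x step the message relies on
        after = launch_decision(path)
    return before, after

if __name__ == "__main__":
    for allowed, message in demo():
        print(allowed, message)
```

Showing the real Exec line in the refusal message lets the user see the mismatch between the displayed name and the command before deciding whether to run chmod.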

