Hi, after some security issues were recently rediscovered in nautilus, I have uploaded a new version to unstable, which slightly modifies the handling of some .desktop files. Basically, it considers that any file that is either: * located on a non-file:// location, * belonging to another user (except for root), * located on /mnt or /media, cannot legitimately contain an application shortcut and, in the case it does, will treat it as a simple text file. This does not affect files that are merely shortcuts shortcuts; the worst abuse I could think of such files would be a fake document that would bring a link to a malicious website or to a malicious document, so it isn't less secure than firing up an application on the untrusted document itself. The changes were kept as small as possible, but they are a bit intrusive, so if you find any regression in the handling of legitimate .desktop files, please file a bug before we ask for this version to migrate to etch. Cheers, -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `- our own. Resistance is futile.
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=