
Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution



On Wed, Jan 19, 2005 at 06:52:17AM -0500, David Mandelberg wrote:
> I'm just suggesting that it should be harder for them to shoot
> themselves in the foot i.e. by making .desktop's have the x bit before
> they can be launched.

I strongly agree.  No, I STRONGLY agree!

If they are to be marked executable, those .desktop files should have a
#! so that they aren't fed to the shell.  Unfortunately it would be a
bit difficult to apply that change retrospectively, however an upgrade
script could take care of it.

It's no good saying "the stupid user shouldn't click on the file".
It is very easy even for an experienced user to do something like this
by mistake.  We want to make Debian's desktop safe for inexperienced
people (and children) to use.

I think the X bit is Unix's single most important security feature.  No
program should ever be executed without it!  (jailed scripts excepted)

I should be able to download anything off the web and double click on it
without any possibility that it will run some arbitrary script.  If it
is supposed to be an executable program, I should have to chmod +x it
before it will run.  A GUI could provide a more user-friendly way to do
this - possibly a pop-up when you click such a file that warns about
viruses, asks if you want to mark the program executable, and if yes,
tells you to double-click again to run it.

We should also make sure that executables within archives cannot easily
be activated through a VFS, but only after unpacking the archive.  It
would be better if the GUI archiver programs did not set the X bit for
unpacked files by default.

This reminds me of the time a few years ago, when someone put a mailcap
entry for .exe files to launch wine in Debian.  I noticed this when I
accidentally pressed enter at the wrong time in mutt, and it started
to run an .exe.  That was very very bogus.  Now someone has added a
wrapper that asks you if you want to run the .exe.

We must not allow Windoze's document / program dyslexia to infect Unix!!
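
The policy argued for in this message, sketched as a launcher-side check (an added example, not part of the original message or of any Debian package): a double-clicked file is refused unless its execute bit is set, and a .desktop file must also begin with #!. The function names, reason strings, sample files and the interpreter path /usr/bin/desktop-launch are assumptions constructed for illustration.

```python
import os
import stat
import tempfile


def launch_decision(path):
    """Return (allowed, reason) for a file the user double-clicked.

    Simplification: only the owner execute bit is inspected, so the
    result does not depend on which user runs the check.
    """
    st = os.stat(path)
    if not stat.S_ISREG(st.st_mode):
        return False, "not a regular file"
    if not st.st_mode & stat.S_IXUSR:
        # Freshly downloaded files land here: nothing runs until chmod +x.
        return False, "execute bit not set"
    if path.endswith(".desktop"):
        # An executable .desktop file must name its own interpreter,
        # so it can never be handed to the shell as a script.
        with open(path, "rb") as fh:
            if fh.read(2) != b"#!":
                return False, ".desktop file has no #! line"
    return True, "ok"


def demo():
    """Classify constructed sample files created in a temporary directory."""
    entry = b"[Desktop Entry]\nType=Application\nExec=true\n"
    samples = {
        "downloaded.desktop": (entry, 0o644),   # as saved by a browser
        "marked.desktop": (entry, 0o755),       # x bit set, but no #!
        "launcher.desktop": (b"#!/usr/bin/desktop-launch\n" + entry, 0o755),
        "script.sh": (b"#!/bin/sh\necho hi\n", 0o644),
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (body, mode) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(body)
            os.chmod(path, mode)
            results[name] = launch_decision(path)
    return results


if __name__ == "__main__":
    for name, (allowed, reason) in demo().items():
        print(f"{name:20} {'LAUNCH' if allowed else 'REFUSE'}  {reason}")
```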


