LWN.net

.desktop files and security

.desktop files and security

Posted Apr 6, 2006 3:32 UTC (Thu) by tetromino (subscriber, #33846)
Parent article: .desktop files and security

At first, when I read the .desktop file spec, I didn't understand how horribly insecure these things are. I mean, the Exec parameter is just the name of a program and parameters. There is no shell syntax, no substitution. How much damage can that possibly do?

And then I realized that the program can be /usr/bin/perl. And the parameters can be -e and 'ANY_ARBITRARY_PERL_SCRIPT'.

So yeah, this is quite bad. I say that making .desktop files into real #! scripts with an executable bit is the way to go.



.desktop files and security

Posted Apr 6, 2006 7:05 UTC (Thu) by kitsilano (subscriber, #14833)

I think the executable bit is a simple and unixoid way to solve the problem. You can still use all the flexibility built into the .desktop file. You could even run it from the shell. And any hostile .desktop file sent to you by email has to be made executable, like any other executable sent to you. And if the Desktop Environment does not interpret a nonexecutable .desktop file and shows a scary icon, the security will be good enough.

.desktop files and security

Posted Apr 7, 2006 14:30 UTC (Fri) by smoogen (subscriber, #97)

Hmmm, I don't think the executable bit would be the fix. The .zip attack is the way to get around that. Send the person a .zip file and they extract the stuff from it. Voila, the user pulls out the executable code with the appropriate bits/extensions in it.

Yes, it involves the user... but this attack works 30% of the time from what I can tell from cleaning up Windows machines.

.desktop files and security

Posted Apr 8, 2006 23:02 UTC (Sat) by cortana (subscriber, #24596)

When extracting from an untrusted archive, tar, unzip and similar should be invoked with a sane umask that prevents the creation of executable files.

.desktop files and security

Posted Apr 6, 2006 21:17 UTC (Thu) by jmorris42 (subscriber, #2203)

> So yeah, this is quite bad. I say that making .desktop files into real
> #! scripts with an executable bit is the way to go.

Plus, by beating them over the head over this we just might impress on the clowns making the desktop environments that there is some value in retaining UNIX culture. This is a perfect example of the saying "Those who do not understand UNIX end up reinventing it... poorly." There are reasons for those executable bits; obviously some GNOME didn't understand that. And if it is 'executable' it should be runnable from a shell, so it needs the #!. Again, the graphical folk have this religious belief that the command line is bad, and their ultimate goal is to eliminate it. We who believe in UNIX, everything is a file, yada yada, have to push back hard now or admit defeat and load OpenBSD.
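
The launcher-side policy discussed in this thread, as an added Python example (not code from LWN, the commenters or any desktop environment): refuse a .desktop file that lacks the executable bit or a #! line, and flag an Exec line that hands inline code to an interpreter. The function names, the interpreter list and the two sample entries are assumptions made for the illustration, and `shlex` only approximates the spec's Exec quoting rules.

```python
import os
import shlex
import stat

# Flags that make an interpreter run code given on its command line
# (illustrative, not exhaustive).
INLINE_CODE_FLAGS = {"perl": {"-e", "-E"}, "python": {"-c"}, "python3": {"-c"},
                     "ruby": {"-e"}, "sh": {"-c"}, "bash": {"-c"}}

def exec_argv(text):
    """Return the Exec value of the [Desktop Entry] group as an argv list."""
    group = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            group = line[1:-1]
        elif group == "Desktop Entry" and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            if key.strip() == "Exec":
                # Assumption: shlex is close enough to the spec's quoting here.
                return shlex.split(value.strip())
    return []

def audit(mode, text):
    """Return the reasons a launcher should refuse this entry."""
    findings = []
    if not mode & stat.S_IXUSR:
        findings.append("not-executable")
    if not text.startswith("#!"):
        findings.append("no-shebang")
    argv = exec_argv(text)
    prog = os.path.basename(argv[0]) if argv else ""
    if INLINE_CODE_FLAGS.get(prog, set()) & set(argv[1:]):
        findings.append("inline-code:" + prog)
    return findings

def audit_file(path):
    """Audit a .desktop file on disk using its permission bits and contents."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return audit(os.stat(path).st_mode, fh.read())

# Constructed samples: an entry as it would arrive by mail (mode 0644), and
# an installed one that is executable and starts with a #! line.
MAILED = "[Desktop Entry]\nType=Application\nExec=/usr/bin/perl -e 'print 1'\n"
INSTALLED = "#!/usr/bin/env xdg-open\n[Desktop Entry]\nType=Application\nExec=gedit %U\n"

if __name__ == "__main__":
    print(audit(0o644, MAILED))
    print(audit(0o755, INSTALLED))
```

Auditing `MAILED` with mode 0755 still reports the inline-code finding, which covers the archive case raised above where the executable bit arrives already set.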

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds