Advertisement
Front, Kernel, Security, Distributions, Development. See your byline here on LWN.net.
| |||||||||||||
|
| |||||||||||||
How to write a Linux virus in 5 easy stepsHow to write a Linux virus in 5 easy stepsPosted Feb 12, 2009 20:47 UTC (Thu) by nix (subscriber, #2304)In reply to: How to write a Linux virus in 5 easy steps by hppnq Parent article: How to write a Linux virus in 5 easy steps
Well, yes, the .desktop-launching interpreter would of course be a
specialized program that knew how to run .desktop files; and it checks the executable bit on .desktop files that are passed to it as parameters *itself* before launching programs named in them: it doesn't leave this up to the kernel or anything like that.
(Log in to post comments)
How to write a Linux virus in 5 easy steps Posted Feb 13, 2009 9:57 UTC (Fri) by hppnq (subscriber, #14462) [Link] What I meant is that you cannot be sure that there actually is trusted content in that launcher file, so the DE would still have to verify that it would actually run the launcher interpreter, to start with. The executable bit would tell the DE to trust the content, because presumably the user has seen the content, and that is not such a great idea.It might even add a risk if the launcher can also be seen from another environment, such as a shell, instead of being a file that can only be meaningfully interpreted by the DE proper. All this has little or nothing to do with the ability to run files in a certain way, but with the level of trust given to a class of files.
|
|
||||||||||||