LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

LWN.net Weekly Edition for February 2, 2012

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Follow up: How to write a Linux virus

Follow up: How to write a Linux virus

Posted Feb 13, 2009 16:08 UTC (Fri) by forthy (guest, #1525)
In reply to: Follow up: How to write a Linux virus by tzafrir
Parent article: Follow up: How to write a Linux virus

What about hard-linking several commands to the same ELF file (distinguish different functions by argv[0]), and have the ELF header in the form icon-<name>, where the original file name is used to find the correct icon?

Other formats: #! scripts could have a formal comment section after the #! which defines icons. win32 files already have embedded icons. Java files are really zip files, you can have an icon subdirectory. Anything more?

The main point however IMHO is that .desktop files can execute arbitrary code, they should not be allowed to do so without +x flag. Thus a user with a noexec /home partition can only symlink to system-provided .desktop files (menu shortcuts and that like), which is probably a reasonable restriction. Just downloaded .desktop files don't execute upon clicking (maybe clicking on them should show up a .desktop editor, telling unexperienced users that this .desktop file has marked as non-executable and might be malicious). It has about the same effect as embedding icons into the executable itself.

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds