Follow up: How to write a Linux virus

OS X does something like this -- downloaded executables are marked as being untrusted, with a record of their download time, and users are warned the first time they are launched. A malicious app can disguise its icon all it wants, but cannot circumvent this.

Not sure what the equivalent of desktop files is in OpenStep/OSX-land. Probably non-existent.. in that case, downloaded desktop files should be considered as suspect as executables.