• Carlos Soriano Sánchez's avatar
    mime-actions: use file metadata for trusting desktop files · 1630f534
    Carlos Soriano Sánchez authored
    Currently we only trust desktop files that have the executable bit
    set, and don't replace the displayed icon or the displayed name until
    it's trusted, which prevents for running random programs by a malicious
    desktop file.
    However, the executable permission is preserved if the desktop file
    comes from a compressed file.
    To prevent this, add a metadata::trusted metadata to the file once the
    user acknowledges the file as trusted. This adds metadata to the file,
    which cannot be added unless it has access to the computer.
    Also remove the SHEBANG "trusted" content we were putting inside the
    desktop file, since that doesn't add more security since it can come
    with the file itself.
nautilus-metadata.c 2.7 KB