Bug 643881 – A .desktop file in nautilus is like an executable in Windows.

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 643881 - A .desktop file in nautilus is like an executable in Windows.


Summary:	A .desktop file in nautilus is like an executable in Windows.


Status:	RESOLVED DUPLICATE of bug 688632

Product:	nautilus
Classification:	Core
Component:	File and Folder Operations
Version:	unspecified
Hardware:	Other Linux

Importance:	Normal major
Target Milestone:	---
Assigned To:	Nautilus Maintainers
QA Contact:	Nautilus Maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2011-03-04 15:48 UTC by dE
Modified:	2013-04-20 10:49 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description dE 2011-03-04 15:48:25 UTC

It doesn't even have the file's real name.. leave alone editing it.

This give too much security risks to innocent users who just double click on it thinking of it as a 'file'.

Comment 1 André Klapper 2011-03-07 22:36:54 UTC

What is the concrete security risk in a concrete example?

Comment 2 dE 2011-03-08 00:35:01 UTC

Same as bug Bug 643877. This is executing a file.. that's the issue.

Maybe this can show a waring only if the executables are not in the bin dir of the OS.

Comment 3 António Fernandes 2013-04-20 10:49:41 UTC

If we exclude the security concern, which is covered by bug 643877 as per comment 2, this is essentially the same as bug 688632.

Given that bug 688632 has a more elaborate rationale and the acknowledgment of a maintainer, let's track this issue there.

*** This bug has been marked as a duplicate of bug 688632 ***