diff options
| author | Carlos Soriano <csoriano@gnome.org> | 2017-02-06 18:47:54 +0100 |
|---|---|---|
| committer | Carlos Soriano <csoriano@gnome.org> | 2017-02-06 18:53:08 +0100 |
| commit | 1630f53481f445ada0a455e9979236d31a8d3bb0 (patch) | |
| tree | b578cab6a04fe6abbe75775fb78fd2e872d35276 /src/nautilus-metadata.h | |
| parent | cc6910ff6511a5a2939cf36a49ca81fb62005382 (diff) | |
| download | nautilus-1630f53481f445ada0a455e9979236d31a8d3bb0.tar.gz | |
mime-actions: use file metadata for trusting desktop files
Currently we only trust desktop files that have the executable bit
set, and don't replace the displayed icon or the displayed name until
it's trusted, which prevents for running random programs by a malicious
desktop file.
However, the executable permission is preserved if the desktop file
comes from a compressed file.
To prevent this, add a metadata::trusted metadata to the file once the
user acknowledges the file as trusted. This adds metadata to the file,
which cannot be added unless it has access to the computer.
Also remove the SHEBANG "trusted" content we were putting inside the
desktop file, since that doesn't add more security since it can come
with the file itself.
https://bugzilla.gnome.org/show_bug.cgi?id=777991
Diffstat (limited to 'src/nautilus-metadata.h')
| -rw-r--r-- | src/nautilus-metadata.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/nautilus-metadata.h b/src/nautilus-metadata.h index 7a734af31..c4a303ec5 100644 --- a/src/nautilus-metadata.h +++ b/src/nautilus-metadata.h @@ -67,6 +67,8 @@ #define NAUTILUS_METADATA_KEY_SCREEN "screen" #define NAUTILUS_METADATA_KEY_EMBLEMS "emblems" +#define NAUTILUS_METADATA_KEY_DESKTOP_FILE_TRUSTED "trusted" + guint nautilus_metadata_get_id (const char *metadata); #endif /* NAUTILUS_METADATA_H */ |