[Thunar-dev] Security issue with .desktop files in Thunar
j.g.karssenberg at student.utwente.nl
Tue Apr 11 23:36:17 CEST 2006
Attached you find a file that is a modified desktop file of an
application of mine. This desktop file shows up as a well behaved pdf
document in thunar (icon is pdf and the "filename" ends in .pdf !) but
when you click it it will execute some program. Since this program can
also be bash with some inline script as commandline argument this is
I think it would be much better if the "filename" didn't show the "name"
field from the desktop file but just something ending in .desktop .
-- Jaap Karssenberg <pardus at cpan.org>
P.S. didn't check against latest Thunar so my apologies if this is
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 374 bytes
Desc: not available
More information about the Thunar-dev