Xfce Forum

Sub domains
 

You are not logged in.

#1 2023-01-02 17:55:07

darrylbudd
Member
Registered: 2022-12-31
Posts: 10

Desktop file "app.desktop" is in an insecure location

Hi folks.

This Untrusted application launcher dialog pops up on a seasonal basis for me. Its strange. I did a websearch and there were no definitive answers around that I could see.

So here I am, looking for the definitive answer to the perennial question, how to solve the launcher resulting in the dialog "The desktop file" app.desktop" is in an insecure location and not marked as executable. If you do not trust this program, click Cancel"

The desktop files are "-rwxr-xr-x" and so are executable and owned by me. So that is why I'm hoping for an answer once and for all. smile

Yet to be answered here and here

Again, internet is bad in my country so please don't be offended if I don't get back to you in a day or so.

Last edited by darrylbudd (2023-01-02 18:02:34)

Offline

#2 2023-01-02 19:49:26

ToZ
Administrator
From: Canada
Registered: 2011-06-02
Posts: 11,481

Re: Desktop file "app.desktop" is in an insecure location

There was a change in thunar 4.17.4 due to a security issue. Have a read through https://forum.xfce.org/viewtopic.php?id=16357 to see how the files are trusted now.

Edit: As for existing .desktop files, they are only trusted if they exist in one of the XDG_DATA_DIRS directories. You can symlink files from those directories onto the desktop and they will also be trusted.

Last edited by ToZ (2023-01-02 19:58:01)


Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki  |  Community | Contribute ---

Offline

#3 2023-01-03 19:34:20

darrylbudd
Member
Registered: 2022-12-31
Posts: 10

Re: Desktop file "app.desktop" is in an insecure location

Thanks ToZ.

So I think I understand the security issue. Archive files can also store whether a file is (x)ecutable and archive files are also commonly used to share files with other people/computers, whereas the gvfs is really is not designed to ever be shared with another person so there is very little chance of a bad executable being 'trusted' moving forward. Is that the basic logic of the security issue?

ToZ wrote:

As for existing .desktop files, they are only trusted if they exist in one of the XDG_DATA_DIRS directories.

Memory is not great re what a XDG_DATA_DIRS is but I'll look it up.

Is it possible to add the checksum to the gvfs metadata by using the GUI, for example the "Mark Executable" button? If so, I'll likely just do that.

Thanks again for highlighting things that have improved in the Xfce universe. smile

Offline

#4 2023-01-03 21:21:12

ToZ
Administrator
From: Canada
Registered: 2011-06-02
Posts: 11,481

Re: Desktop file "app.desktop" is in an insecure location

darrylbudd wrote:

Thanks ToZ.

So I think I understand the security issue. Archive files can also store whether a file is (x)ecutable and archive files are also commonly used to share files with other people/computers, whereas the gvfs is really is not designed to ever be shared with another person so there is very little chance of a bad executable being 'trusted' moving forward. Is that the basic logic of the security issue?

Thats pretty much how I understand it.

ToZ wrote:

As for existing .desktop files, they are only trusted if they exist in one of the XDG_DATA_DIRS directories.

Memory is not great re what a XDG_DATA_DIRS is but I'll look it up.

You can run the following command to see the currently set paths:

env | grep XDG_DATA_DIRS

Is it possible to add the checksum to the gvfs metadata by using the GUI, for example the "Mark Executable" button? If so, I'll likely just do that.

Yes, thats what happens when you use the GUI dialog. The other thread shows you how to do it manually as well.

Thanks again for highlighting things that have improved in the Xfce universe. smile

No worries.


Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki  |  Community | Contribute ---

Offline

Registered users online in this topic: 0, guests: 1
[Bot] ClaudeBot

Board footer

Powered by FluxBB
Modified by Visman

[ Generated in 0.024 seconds, 8 queries executed - Memory usage: 535.33 KiB (Peak: 536.17 KiB) ]