diff options
author | Slatian <baschdel@disroot.org> | 2023-11-27 21:15:42 +0100 |
---|---|---|
committer | Slatian <baschdel@disroot.org> | 2023-11-27 22:02:37 +0100 |
commit | 1e2ec2446b55854b36f2fd2c52778d3e7dda08f8 (patch) | |
tree | 85539474f7759535be1d01750bff7972c4a03da9 | |
parent | 2e88ae60c7e663789f47f5ef4e7ad4bdc83f1ae6 (diff) |
Added a secutity note on xdg-mime default to warn against confusing openers and runners
-rw-r--r-- | scripts/desc/xdg-mime.xml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/scripts/desc/xdg-mime.xml b/scripts/desc/xdg-mime.xml index 54b0922..f3eba17 100644 --- a/scripts/desc/xdg-mime.xml +++ b/scripts/desc/xdg-mime.xml @@ -145,6 +145,12 @@ and adding descriptions for new file types</refpurpose> actual default handler for a specific file type. </simpara> <simpara> + <emphasis>Security Note:</emphasis> Never set a handler that will blindly execute code or commands from the file being handled. Such behaviour will sooner than later lead to unintended code execution i.e. through a curious user trying to inspect a freshly downloaded file but running it by accident. + </simpara> + <simpara> + Keeping opening and executing separate actions helps with people protecting themselves from malware, the default handler is an opener, not a runner. + </simpara> + <simpara> The <emphasis>default</emphasis> option is for use inside a desktop session only. It is not recommended to use xdg-mime default as root. </simpara> |