Ubuntu
thunar package

  1. Bug #1327791
  2. Comment #24

Comment 24 for bug 1327791

Revision history for this message
In , Michael Orlitzky (michael-orlitzky) wrote :

IMO the root of the issue is the abuse of the executable bit for things that aren't executable. I posted about this a few years ago, the last time a series of .desktop vulnerabilities came up:

https://www.openwall.com/lists/oss-security/2017/11/08/10

I'm only mentioning it here for posterity; I just realized that I never came back to comment on this bug.