Nautilus 3.24 and Execute-Permission Bit Required

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Nautilus 3.24 and Execute-Permission Bit Required

Jeremy Bicha-2
In 2010, the Ubuntu Security Team asked for and received Ubuntu Tech
Board approval for a policy [1] that created nautilus'
06_never_exec_nonexec_launchers.patch [2].

To launch a .desktop file in the home folder, Nautilus requires that
it be marked as executable. Nautilus 3.24 strengthened security by
requiring that it be marked as trusted in the user's gvfs database
[3]. Ubuntu 17.10 "Artful" now has Nautilus 3.24.

The problem is that all existing .desktop launchers now in the home
directory no longer work. And there is not an easy way for a user to
bypass this like they could before 17.10. [4]

Without Ubuntu's patch, Nautilus provides a "Trust and Launch" button.
I have a temporary PPA [5] if you want to test how this works. Be sure
to completely kill nautilus after changing your nautilus version since
it continues to run in the background.

Here are some possibilities:
1. Keep things as are. Existing .desktop launchers will stop working.
We can hope that tools that allow a user to drag-and-drop .desktops to
the home folder will add the metadata themselves. GNOME's Applications
menu extension does this now. [6]
2. Revert the 3.24 change in order to restore 3.22 behavior.
3. Drop Ubuntu's patch. I believe this would need Tech Board approval.

[1] https://wiki.ubuntu.com/SecurityTeam/Policies#Execute-Permission_Bit_Required
[2] https://bazaar.launchpad.net/~ubuntu-desktop/nautilus/ubuntu/view/head:/debian/patches/06_never_exec_nonexec_launchers.patch
[3] https://git.gnome.org/browse/nautilus/commit/?id=1630f5348
[4] https://launchpad.net/bugs/1687179
[5] https://launchpad.net/~jbicha/+archive/ubuntu/temp20170501/+packages
[6] https://launchpad.net/ubuntu/+source/gnome-shell-extensions/3.24.1-0ubuntu1

Thanks,
Jeremy Bicha

--
ubuntu-hardened mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
Reply | Threaded
Open this post in threaded view
|

Re: Nautilus 3.24 and Execute-Permission Bit Required

Marc Deslauriers-3
Hi,

On 2017-04-30 06:12 PM, Jeremy Bicha wrote:

> In 2010, the Ubuntu Security Team asked for and received Ubuntu Tech
> Board approval for a policy [1] that created nautilus'
> 06_never_exec_nonexec_launchers.patch [2].
>
> To launch a .desktop file in the home folder, Nautilus requires that
> it be marked as executable. Nautilus 3.24 strengthened security by
> requiring that it be marked as trusted in the user's gvfs database
> [3]. Ubuntu 17.10 "Artful" now has Nautilus 3.24.
>
> The problem is that all existing .desktop launchers now in the home
> directory no longer work. And there is not an easy way for a user to
> bypass this like they could before 17.10. [4]
>
> Without Ubuntu's patch, Nautilus provides a "Trust and Launch" button.
> I have a temporary PPA [5] if you want to test how this works. Be sure
> to completely kill nautilus after changing your nautilus version since
> it continues to run in the background.
>
> Here are some possibilities:
> 1. Keep things as are. Existing .desktop launchers will stop working.
> We can hope that tools that allow a user to drag-and-drop .desktops to
> the home folder will add the metadata themselves. GNOME's Applications
> menu extension does this now. [6]
> 2. Revert the 3.24 change in order to restore 3.22 behavior.
> 3. Drop Ubuntu's patch. I believe this would need Tech Board approval.
>

I strongly believe we should still require executable permissions, and should
not display an easy click-through dialog to set them.

The additional Nautilus requirement of marking an executable trusted in the
user's gvfs database is an improvement on top of that.

The 06_never_exec_nonexec_launchers.patch simply needs to be updated so that
Nautilus will display the "Trust and Launch" button only when execute
permissions are present on the .desktop file.

Marc.


--
ubuntu-hardened mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
Reply | Threaded
Open this post in threaded view
|

Re: Nautilus 3.24 and Execute-Permission Bit Required

Jeremy Bicha-2
On Sun, Apr 30, 2017 at 9:13 PM, Marc Deslauriers
<[hidden email]> wrote:
> The 06_never_exec_nonexec_launchers.patch simply needs to be updated so that
> Nautilus will display the "Trust and Launch" button only when execute
> permissions are present on the .desktop file.

I have done this. Thank you for the solution.

Jeremy Bicha

--
ubuntu-hardened mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
Reply | Threaded
Open this post in threaded view
|

Re: Nautilus 3.24 and Execute-Permission Bit Required

Marc Deslauriers-3
On 2017-04-30 09:49 PM, Jeremy Bicha wrote:
> On Sun, Apr 30, 2017 at 9:13 PM, Marc Deslauriers
> <[hidden email]> wrote:
>> The 06_never_exec_nonexec_launchers.patch simply needs to be updated so that
>> Nautilus will display the "Trust and Launch" button only when execute
>> permissions are present on the .desktop file.
>
> I have done this. Thank you for the solution.
>

Great, thanks!

Marc.


--
ubuntu-hardened mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened