From mboxrd@z Thu Jan 1 00:00:00 1970 From: Efraim Flashner Subject: bug#30228: desktop files embedding full path Date: Sun, 18 Feb 2018 22:29:48 +0200 Message-ID: <20180218202948.GA1149@macbook41> References: <20180123110012.GB16202@macbook41> <87o9ljxpzo.fsf@gnu.org> <20180129193946.GD17751@macbook41> <87r2q7393h.fsf@gnu.org> <20180218190338.GA30140@macbook41> <87r2pi5ah8.fsf@elephly.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="G4iJoqBmSsgzjUCe" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:33678) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1enVb5-0006Zb-1q for bug-guix@gnu.org; Sun, 18 Feb 2018 15:30:08 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1enVb1-0002I1-2d for bug-guix@gnu.org; Sun, 18 Feb 2018 15:30:07 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:42321) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1enVb0-0002Hs-Uz for bug-guix@gnu.org; Sun, 18 Feb 2018 15:30:03 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1enVb0-0003nT-HB for bug-guix@gnu.org; Sun, 18 Feb 2018 15:30:02 -0500 Sender: "Debbugs-submit" Resent-Message-ID: Content-Disposition: inline In-Reply-To: <87r2pi5ah8.fsf@elephly.net> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Ricardo Wurmus Cc: 30228@debbugs.gnu.org --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 18, 2018 at 09:06:11PM +0100, Ricardo Wurmus wrote: >=20 > Efraim Flashner writes: >=20 > > On Tue, Jan 30, 2018 at 12:00:02PM +0100, Ludovic Court=C3=A8s wrote: > >> Hello, > >>=20 > >> Efraim Flashner skribis: > >>=20 > >> > On Wed, Jan 24, 2018 at 03:58:51PM +0100, Ludovic Court=C3=A8s wrote: > >> >> Hi, > >> >>=20 > >> >> Efraim Flashner skribis: > >> >>=20 > >> >> > the owncloud-client package includes an option to add a .desktop = entry > >> >> > to $HOME/.configure/autostart/, which allows it to autostart when= you > >> >> > log in to your desktop environment. Because the full path of the = binary > >> >> > is in the .desktop file, it will always start THAT copy of > >> >> > owncloud-client, even if it is garbage collected. > >> >>=20 > >> >> I think you shouldn=E2=80=99t copy manually the .desktop file to > >> >> ~/.configure/autostart, precisely because of that. > >> >>=20 > >> >> Instead this should be done via in indirect GC root (as in =E2=80= =9Cguix build > >> >> -r the-root owncloud-client=E2=80=9D) or, ideally, by having it Gui= xSD-managed. > >> >>=20 > >> >> Thoughts? > >> >>=20 > >> >> Ludo=E2=80=99. > >> > > >> > I agree it shouldn't copy a .desktop file into .config/autostart/. In > >> > this case, the offending code is here=C2=B9, so there's not much tha= t can be > >> > done about it. In mine I've changed the Exec line to > >> > /var/guix/profiles/per-user/... so it'll work as expected. In this c= ase > >> > the code generates a desktop file on the fly, so modifying the .desk= top > >> > file shipping with applications wouldn't even help here. > >> > > >> > > >> > =C2=B9 https://github.com/owncloud/client/blob/f326bf371d690f1929f7c= 5c06aebf53c7255daa6/src/common/utility_unix.cpp#L73 > >>=20 > >> What do you think should be done on the Guix side? We could patch the > >> code above to not install the .desktop file in ~/.config, for instance. > >>=20 > >> Thanks, > >> Ludo=E2=80=99. > > > > I've been thinking about it and it would also just be possible to patch > > the exec line there to only have the binary name. As an unintended > > consquence, if you did add the desktop entry to .config/autostart/ and > > the exec was only 'owncloud-client' then we would match the other > > distros' behaviors of not running uninstalled programs, if you were to > > later uninstall owncloud-client from your profile. > > > > I bet the reason it is coded this way is to allow for > > /usr/bin/owncloud-client or /usr/local/bin/owncloud-client, but just > > 'owncloud-client' will pick up the executable if it is in the runpath. > > > > I think that's the best option, to change the 'exec' line to just > > 'owncloud-client'. >=20 > Would that pick up owncloud-client if there is an executable of that > name somewhere in PATH? Could this be a security problem? >=20 efraim@macbook41 ~$ echo $PATH /home/efraim/.guix-profile/bin:/home/efraim/.guix-profile/sbin:/run/setuid-= programs:/run/current-system/profile/bin:/run/current-system/profile/sbin probably, but I assume you'd have to modify your default path to add ~/bin or something. It seems less worse than starting an older version of owncloud-client or trying to start one that's been garbage collected. --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --G4iJoqBmSsgzjUCe Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAlqJ4jwACgkQQarn3Mo9 g1Gj+BAAhFXN77mMuMoEDGmO/s0bxARNplsXRs+qZU+duU5a+VbhQGhN6nHXcGg8 RVQha6bSHCsVCCTaC+TDMHdJ/d+pIeHzsDwTDCY5TctMk9CKd2hGWZPc9eDEU8iq r8Dc5+sUDEUO75eshsOlnP/llwzKS8OKYmD7xfhg1dgb172TR/Ef25tPWiU8wDrR xWWKHuv4fcezLN+mKy1bIMPLV6eSg+0QV78T4Li+wHvU2e+WQLb2yXPA1VcWwJ9v leYjWTuO0bk445bxnzHGiq5yN5AdCqRjwolpTBSOeKZWJZqheYL0L+3G7ueHRg+3 WH8u8KDqnmJ7XehnrJFk6Mp3fWP8ouEgvsfLjP0/U/mL+OHrIsaUIHGLZ3oJJIcB bA7btj0QfQm7uzjyqkNIjrxyT+GS3YuLu+7FiQRx2Dh7qgWJuJdbL3nH8zZfsC+D SpzPKxLecl9vTcA55rgm92Dibdw8g7XFA4YG5SrEIGt1mn2sHmJv9VG5tSklsPuR dvEqUBmeGtHI1ybYQPHcgF2y6CspUNhsu0GmhpDbvpj1H4SeW5Tq+oyhrTH9u5lp wAEol4taA/8aItZS6XLC8CD5vsQb2MYipADZNrdEndD8+6PnyGsL/kVyNkuUIdkp In6uRnIkAbXrHN6X7XwMFYDVtP7QWhnrPdlwH4Btxn4OjT5xa+o= =Pk4G -----END PGP SIGNATURE----- --G4iJoqBmSsgzjUCe--