.desktop files

Syntax validation for .desktop files

The official validation tool for .desktop files is distributed with the package dev-util/desktop-file-utils

Executable bit in .desktop files

.desktop files in /usr/share/applications/ should have consistent executable bits.

As of 2017-06-16 many ebuilds (mostly KDE) create executable .desktop files (bug #621966).

Look for executable .desktop files on the system with:

Please report any violations upstream.

Applications, including desktops and shells, must not run executable code from files when they are both:

    lacking the executable bit
    located in a user's home directory or temporary directory. 

The GNOME or KDE MIME type handlers must not circumvent this principle.

This includes *.desktop, *.jar, and *.exe files.

    Look for .desktop files with MimeType= and Exec= lines that do not use "cautious-launcher"

Ideas / Todo

• we could check for the x bit in https://gitweb.gentoo.org/proj/portage.git/tree/pym/portage/util/_desktop_entry.py
• In the past there were discussions about requiring them to be executable: https://commit-digest.org/issues/2009-02-08/
• 2017-06-18 Jonas Stein (Jstein) asked on the freedesktop mailing list about the .desktop file.
• KDE: "Note: Since KDE 4.3, there are more restrictions on authorized desktop files to prevent users from inadvertently running trojan desktop files. Your application launchers should have the executable bit set to prevent issues." source: kde.org
• Xfce: please see bug #465740 about thunar behavior

Troubleshooting

Report bugs in desktop-file-validate on https://gitlab.freedesktop.org/xdg/desktop-file-utils/issues

• Validation in some cases seems not correct ... (should be reported upstream)
• "desktop-file-validate claims OnlyShowIn is deprecated" https://gitlab.freedesktop.org/xdg/desktop-file-utils/issues/52

See also

• Notes_on_ebuilds_with_GUI

External resources

• https://devmanual.gentoo.org/eclass-reference/desktop.eclass