Slashdot Mirror


Malware Threat To GNOME and KDE

commandlinegamer writes "foobar posted on his blog recently about 'How to write a Linux virus in 5 easy steps,' detailing potential malware infection risks in the .desktop file format used by GNOME and KDE. This is not a new threat, and it appears to still be a risk, as discussions in 2006 did not seem to come to any firm conclusion on how to deal with the problem." There's a followup on LWN.

1 of 348 comments

  1. Does not work as advertised by argiedot · Score: 0, Offtopic

    The user has to first save the attachment and then double click on it.

    This will not work on Ubuntu 8.04 at least. I have just tried sending myself a shell script that was marked executable, and after saving it, double-clicking it would display it. Even without the extension, double-clicking would only display it. But even assuming that somehow this script was automatically marked to execute, what happens? You get asked a question:

    "file" is an executable text file. Do you want to run "file" or display its contents? Run in Terminal, Display, Cancel, Run.

    What is the author's method of spreading this? An email with the following in it:

    Whoa, check out these nude shots of...! (if the attachment doesn't want to open just save it to your desktop and open it...)

    Now, would you want to 'Display' nude shots or 'Run' nude shots? I'm sure you could manage this if you sent something like, "Check out this cool script!" or "Check out this cool screensaver." but the former is already a lost battle (we know you can never protect against a user) and the latter isn't a problem (Linux users do not install from emails, they install from repositories).