Need some clarification about the permissions of .desktop
files. I can see all the .desktop
files in /usr/share/applications/
owned by root have permission,
-rw-r--r--
also examples.desktop
at $HOME
owned by user has the same permission. All of those run properly.
But when I am going to create a custom .desktop
file having the same permission it is throwing the following error message,
Untrusted application launcher
The application launcher "myapp.desktop" has not been marked as trusted. If you do not know the source of this file, launching it may be unsafe.
But adding the execution permission is allowing it to run without any issue.
Q: Why custom
.desktop
files need to have+x
permissions to run or how some.desktop
files can run without execution permission? Is it possible to run a custom.desktop
file without execution permission?
Best Answer
This is from Ubuntu's security policy:
So yes, according to this policy, it should be possible to run a .desktop file without the executable bit set. According to this policy you would only have to move that file out from the
/home/
and/tmp/
directories and then you can launch it without the executable bit set. This is in theory/according to the policy.In practice nautilus will allow you to launch .desktop files without the executable bit set from the XDG_DATA_DIR directories and from the
~/.gnome2/
directory. You can check the XDG_DATA_DIRS with theecho $XDG_DATA_DIRS
command. So if you put your .desktop file in in an XDG_DATA_DIR or in~/.gnome2/
you will be able to launch it from nautilus without the executable bit set. At least on 12.04 it works like that. How is this in line with the aforementioned policy I do not know.For the
examples.desktop
mentioned in the question: That .desktop file is a different kind of .desktop file. It is a "Link", it doesn't want to execute anything, it basically works as a symlink. These kinds of .desktop files work everywhere.