.desktop files

This article has been flagged for not conforming to the wiki guidelines (no intro, etc.). Please help Gentoo out by starting fixing things.

.desktop is a XDG specification designed to allow a standardized way of configuring a program's integration into a desktop environment, i.e., how it appears in the desktop environment's menu, how it should be launched, etc.

Syntax validation for .desktop files

The official validation tool for .desktop files is distributed with the package dev-util/desktop-file-utils

user $desktop-file-validate yourfile.desktop

Executable bit in .desktop files

.desktop files in /usr/share/applications/ should have consistent executable bits.

As of 2017-06-16 many ebuilds (mostly KDE) create executable .desktop files (bug #621966).

Look for executable .desktop files on the system with:

user $find /usr/share/applications/ -executable -type f

Please report any violations upstream.

Executable bit on Ubuntu systems

The Ubuntu Security Policy makes use of executable bits:

CODE

Applications, including desktops and shells, must not run executable code from files when they are both:

    lacking the executable bit
    located in a user's home directory or temporary directory. 

The GNOME or KDE MIME type handlers must not circumvent this principle.

This includes *.desktop, *.jar, and *.exe files.

    Look for .desktop files with MimeType= and Exec= lines that do not use "cautious-launcher"

This does not apply to software which is installed via Gentoo ebuilds. Software should not ship a .desktop file with executable bit. The user can set the bit on demand where it is needed.

Ideas / Todo

we could check for the x bit in https://gitweb.gentoo.org/proj/portage.git/tree/lib/portage/util/_desktop_entry.py
In the past there were discussions about requiring them to be executable: https://commit-digest.org/issues/2009-02-08/
2017-06-18 Jonas Stein (Jstein) asked on the freedesktop mailing list about the .desktop file.
KDE: "Note: Since KDE 4.3, there are more restrictions on authorized desktop files to prevent users from inadvertently running trojan desktop files. Your application launchers should have the executable bit set to prevent issues." source: kde.org
Xfce: please see bug #465740 about thunar behavior

Troubleshooting

Report bugs in desktop-file-validate on https://gitlab.freedesktop.org/xdg/desktop-file-utils/issues

Validation in some cases seems not correct ... (should be reported upstream)
"desktop-file-validate claims OnlyShowIn is deprecated" https://gitlab.freedesktop.org/xdg/desktop-file-utils/issues/52

External resources

https://devmanual.gentoo.org/eclass-reference/desktop.eclass