Re: advanced nautilus usage

From: John Smith <mnemosyne home nl>
To: Nautilus <nautilus-list gnome org>
Subject: Re: advanced nautilus usage
Date: Fri, 07 Nov 2003 20:26:58 +0100

On Fri, 2003-11-07 at 10:34, Alexander Larsson wrote:
> On Sun, 2003-11-02 at 10:38, John Smith wrote:
> > On Sun, 2003-11-02 at 05:25, Frank Worsley wrote:
> > > AFAIK, launchers from remote locations are not started since it's a
> > > possible security issue.
> > > 
> > > - Frank
> > > 
> > > > Hi All,
> > > >
> > > >         I  run 'nautilus ssh://uid remotehost:/opt/scripts', which
> > > > works fine. This folder contains launchers (app.desktop), which
> > > > intend to start all kind of applications. It doesn't work :-(
> > > > Why? Am I missing something obvious? I run nautilus 2.2.4 on
> > > > Debian Woody + testing (Gnome 2.2).
> > > >
> > > > Sincerely,
> > > >
> > > > Jan.
> > > >
> > > > --
> > > > nautilus-list mailing list
> > > > nautilus-list gnome org
> > > > http://mail.gnome.org/mailman/listinfo/nautilus-list
> > > >
> > > 
> > Sorry Frank,
> > 
> > 	I don't think that's valid: I'm using ssh. BTW, if I start
> > 'ssh remotehost nautilus' go to 'applications:///Accessories' and
> > click Calculator, it works as expected. So why do regular (ie. menu
> > placed apps) work as expected and manually created launchers don't?
> 
> This is what the code does:
> 
> /* Don't allow command execution from remote locations where the
>  * uri scheme isn't file:// (This is because files on for example
>  * nfs are treated as remote) to partially mitigate the security
>  * risk of executing arbitrary commands.
>  */
> if (!eel_vfs_has_capability (desktop_file_uri,
> 			     EEL_VFS_CAPABILITY_SAFE_TO_EXECUTE)) {
> 	eel_show_error_dialog
> 		(_("Sorry, but you can't execute commands from "
> 		   "a remote site due to security considerations."), 
> 		 _("Can't execute remote links"),
> 		 parent_window);
> 		 
> 	return;
> }
> 
> this is to avoid e.g. clicking on a desktop file that has the same icon
> as a folder on a public ftp site and having the desktop file run "rm -rf
> ~/".
> 
> > 	Second time I run into a nautilus/remote issue. I once asked
> > here something about copying between local and remote nautilus 
> > windows, which isn't possible either. In my opinion nautilus/gnome
> > is the next best thing after sliced bread, but in order to compete
> > with Windows Explorer, these are trivial things that should work out
> > of the box, given the advantages that *nix has over Windows: remote
> > execution/local display of applications.
> > 
> > 	Wish- or buglist?
> 
> Not being able to copy between local and remote window is certainly a
> bug.
> 
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>  Alexander Larsson                                            Red Hat, Inc 
>                    alexl redhat com    alla lysator liu se 
> He's a scarfaced white trash cat burglar with a robot buddy named Sparky. 
> She's an enchanted insomniac barmaid who don't take no shit from nobody. They 
> fight crime! 
> 
Hi Alexander,

	thanks for your explanation, I'll be able to hack around the
security feature with that. Would be nice though to make that a (compile
time?) configurable option, default disabled of course ;-). Imho it is
a bound to fail security measure. Like disabling executables for rsh
access ;-).
	I will probably be able to test the local-remote window copy
again between to identical (Debian) stations (still have to be 
installed) in the weeks to come and will report back then.

Sincerely,

Jan.

References:
- Re: advanced nautilus usage
  - From: Frank Worsley
- Re: advanced nautilus usage
  - From: John Smith
- Re: advanced nautilus usage
  - From: Alexander Larsson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]