Open step- opened 5 years ago
jun7
commented
5 years ago It is caused by following line https://github.com/jun7/rox-filer/blob/67c94843242eae6344a0dc20a87e12170f741b19/ROX-Filer/src/diritem.c#L386
So removing info.st_uid != uid solves it but the comment on the src says
* .DirIcon and AppRun must have the same owner as the
* directory itself, to prevent abuse of /tmp, etc.
* For symlinks, we want the symlink's owner.I don't know how abuse it though.
step-
commented
5 years ago Me neither, I don't know how a ROXapp could abuse /tmp or viceversa. Perhaps he's pointing out /tmp because everyone can write files and folders in /tmp but I still don't understand how that could lead to abuse. Anyway, if security is a concern, even if we don't understand the details, it's reasonable to enforce same user's ownership. Then you can close this issue with no changes. Thanks for looking at this.
I customize the folder icon by adding a png icon as file
.DirIcon. Normally it works, but sometimes it doesn't and rox continues to display the default icon for the folder. To fix this I change user and group of file.DirIconto the current user's. Immediately after this change rox displays the new icon as the folder icon.Do you think you can fix this, please?
running as user root
add icon (owner's user id 510)
you see that the window icon is unchanged now change the owner and group to root's
you see that now the window icon is changed as it should be