Thread replies: 92
Thread images: 16
Thread images: 16
File: sWXaSmq.png (164KB, 990x727px) Image search:
[Google]
164KB, 990x727px
Desktop Linux users BTFO by file manager exploit:
https://bugzilla.gnome.org/show_bug.cgi?id=777991
You can send a Linux user an archive that pretends to extract images into a folder, but actually extracts a bunch of .desktop files that look like images (complete with extensions) that can own you if you double click on them. This is nearly the exact same exploit as the "Hidden File Extensions" exploit that has been in Windows since forever, but since desktop Linux's MO is to poorly copy what successful desktop operating systems are doing, I suppose it was only a matter of time before this misfeature was copied as well.
And before you make fun of GNOME, this exploit also works in Thunar, Caja, Nemo, PCManFM and PCManFM Qt. Only Dolphin and ls are safe.
>>
>>58741186
>Patch already released
>Not using Arch
You are not even trying.
>>
>gnome
what a surprise
kde master race
>>
Who the fuck uses a file manager on Linux?
>>
most developers tried to dismiss it as a non-issue lmao
lazy fuckng fucks
>>
Joke's on you I use ranger and mc
>>
>>58741186
>not using SELinux
>not using the terminal as file manager
>>
>>58741186
>not using arch
>not using KDE
Its almost like you wanna get kucked
>>
>>58741437
SELinux won't prevent that, retard.
>>
>>58741459
It will in strict mode with ubac
>>
>>58741186
>workaround: change your archive manager behavior
so hard
>>
>>58741277
I do. Why not?
>>
File: 1355508139991.jpg (91KB, 850x633px) Image search:
[Google]
91KB, 850x633px
>>58741186
desktop Linux doesn't exist you idiots
/thread/
>>
>>58741277
People who actually use their computer.
>>
>>58741277
>>58741425
>>58741437
if you use the terminal or mc as your only file manager, you're either not a desktop linux user or you're such a fucking hipster that you should just buy a fedora already if you don't already own one.
>>
Gnome dev already working to fix this.
They remove the ability to run files from file manager. Who need that function anyway.
>>
>>58741186
>linux is shit because exploit
>well windows had the sec hole forever but more people use it
What OS are you using if I may ask?
>>
>>58741472
Fair enough, but strict mode is a huge PITA.
>>
>>58741472
I heard cutting power helps too
>>
>>58741545
TempleOS.
>>
>>58741584
Security by obscurity is worst security
>>
>>58741452
Is KDE actually good now, or is it a meme?
>>
File: autism.jpg (15KB, 250x235px) Image search:
[Google]
15KB, 250x235px
>>58741186
>Dolphin and ls are safe
oh, then I don't have to worry about this at all then.
God, don't you just love KDE
>>
>>58741499
>being this much of a babby
Looks like you're the fucking hipster, using Linux when you can't perform the simplest of tasks without a GUI. Fuck off back to macOS.
>>
>GNOME
Oh, so it's nothing worth caring about.
>>
>>58741606
The settings menu's setting menu has a setting menu to choose which settings you want to set but other than that it's okay imo.
>>
does the bug make thumbnails finally work in firefox's file picker?
>>
Common Sense would have preventing this exploit
>>
File: IMG_0010.png (6KB, 390x470px) Image search:
[Google]
6KB, 390x470px
>>58741672
>>
>>58741672
werks on my machine :^)
>>
File: 1f1xy6.jpg (54KB, 991x902px) Image search:
[Google]
54KB, 991x902px
>>58741186
>mfw using KDE
Haha, Gnome plebs fucked again!
>>
>>58741831
wayland you niggerfaggot
>>
>>58741859
Sorry, I can't hear you over my superior applications, tiny window bars, and great security.
>>
>>58741606
Unstable piece of shit
>>
>>58741893
oh yeah i bet you've set 14 unique Keybinds for each window, right? and those plasmoids are really useful for ricing your shit desKtop fucKing rainmeter style. you enjoy the two minutes it taKes to start your desKtop?
sucK KocK and Kill yourself
>>
>>58741490
kek faggot I use ranger and unzip my files with tar CLI it's easier, faster and lighter than your shit file manager
>>
>>58741980
Is your caps lock key broken or are you just autistic? I also don't have any speed issues because I use an SSD. Stay mad and cucked, poorfag Gnome user.
>>
>>58741953
So people are basically just shilling because of an GNOME exploit.
What are some DE's that don't suck? GNOME is all I've ever used with Linux and I'm getting kind of bored of it, DESU. I tried LXDE but damn that shit seemed like complete garbage.
>>
>>58741639
Calm down autismo. I'm in the first category, not the second.
>>
>>58741499
But fedora comes with a file manager pre-installed
>>
File: Screenshot_20170131_192901.png (227KB, 1280x800px) Image search:
[Google]
227KB, 1280x800px
>>58741980
Not him but running KDE, Dekstop instantly starts
>>
>>58742024
KDE is best DE
>>
>>58741490
if you actually used your computer you wouldn't be using linux in the first place
>>
>>58742057
One person says KDE is the best, other person says it's unstable. Who do I believe, anon?
>>
>>58742004
you Kalling me autistiK fucKboi? search your repo for pacKages starting with K and come bacK when you've rebooted you pc.
SSD OOOH!
i always wanted my window manager to be the most resource heavy program on my Komputer. shit should have a 3D Kube with desKtops. why stop there how about some hourglass window animations?
>>
File: 1485894353032.jpg (589KB, 800x820px) Image search:
[Google]
589KB, 800x820px
>>58742060
thanks Rajesh.
>>
>>58742070
Install KDE. Gnome is for cucks.
>>
File: 1458098799122.jpg (66KB, 593x782px) Image search:
[Google]
66KB, 593x782px
>>58742086
>posts trump pic
>probably voted for hillary
you're not fooling anyone
>>
>>58742070
>>58742043
>>58742057
>me
I've only been using KDE for a month but I love it, it syncs to my phone to I Can reply to texts without picking it up. Looks pretty, is fast. not exactly light.
and obv has less exploits.
>>
>>58742084
Looks like you've answered my question. Have a nice day, autist.
>>
>>58742096
>projecting this hard
Bernout?
>>
>>58742104
have fun tweaKing your font rendering and searching for "expose slow" in Konquerer you sperg.
>>
>>58741277
dats rite
we wuz terminal hackerz n shiet before the GUI script kiddies came
>>
>>58742121
nah, yebhead here
>>
>>58742122
>implying gnome doesn't put g on every package
>gedit
>gparted
>gstreamer
>gnote
>gnumeric
>>
>>58742166
G > K
>>
>>58742070
All Linux DEs are buggy and unstable. But at least with KDE you get active development (unlike Xfce which is dead) and decent features (unlike GNOME, where the developers hate the users).
Just don't use it on K/Ubuntu. If you really love *buntu, try KDE Neon.
>>
>>58742200
G=71
K=75
75 > 71
>>
>>58742231
I can't argue with that. I'll install KDE NEON by morning.
SYKE. Windows 10.
W = 87
>>
File: 7bmJdpp.png (263KB, 1024x768px) Image search:
[Google]
263KB, 1024x768px
>>58742213
Too bad it looks horrific
>>
File: i9LtV36qJLkVAAAAABJRU5ErkJggg==.png (1MB, 1920x1080px) Image search:
[Google]
1MB, 1920x1080px
>>58742591
What theme is that? I just installed KDE and it looks fucking terrible compared to your screenshot.
>>
File: 1485896467307.jpg (529KB, 800x820px) Image search:
[Google]
529KB, 800x820px
>>58742086
i had updated my original pic. this one is the newest version.
>>
>social engineering exploit
Who cares, people who fall for these deserve to be owned, would not fix.
>>
>>58742853
It's really easy to say stuff like that until you're the one getting owned because some assumption you made turned out to no longer be the case.
>>
>>58742024
>GNOME is all I've ever used with Linux and I'm getting kind of bored of it, DESU.
This right here perfectly encapsulates everything wrong with /g/ *NIX ricers.
Desktops aren't meant to be exciting. They're meant to help you get work done. I use Windows, OSX and Linux (serverside only) because it helps me get shit done, not to have something to tinker with and knobs to fiddle around with.
>>
>>58741186
>Only Dolphin and ls are safe.
Nice, I'm safe. Why aren't you using KDE, faggots?
>>
>>58743124
>I use Windows
I'm sorry.
>>
>>58742696
s/theme/meme/
>>
>>58741186
>using a file manager
They deserve it.
>>
>>58741186
>using .desktop files
wew
>>
>>58741605
Security through obscurity
From Wikipedia, the free encyclopedia
In security engineering, security through obscurity (or security by obscurity) is the reliance on the secrecy of the design or implementation as the main method of providing security for a system or component of a system. A system or component relying on obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that if the flaws are not known, that will be sufficient to prevent a successful attack.
>>
File: 1472821975325.png (22KB, 606x298px) Image search:
[Google]
22KB, 606x298px
topkek
>>
>>58741186
This is one reason why the """fragmentation""" of the Linux desktop is a good thing. Its more difficult to write malware if everyone is running different distros and DEs.
Imagine if Windows malware only worked for the 25% of users who had their desktop set up a certain way.
>>
i assume the fix is file managers shouldn't be running .desktop files from anywhere but the */applications/ folders
>>
>>58743879
Then it would drain a few drops out of the ocean of reasons not to use Windows as your primary OS
>>
>>58743124
KDE Workspaces are much better than windows explorer when it comes to productivity, I'm a full stack developer and i have a different workspace for server managing, sql and development.
>>
>>58741186
Who doesn't extract on the TERMINAL LOL
>>
>>58741277
This, like what the fuck people...
>>
>Thunar, Caja, Nemo, PCManFM
It's almost like everyone with half a brain has realized KDE or no DE is only good way to use GNU/Linux for over a decade. Shocking.
>>
>>58743571
Don't be. I wouldn't use Windows (or anything else) if I felt like using them was an uphill battle to get work done.
Then again, I also don't have the usual /g/ autism that sets strange, exaggerated definitions for the word "usable" that somehow disqualifies Windows and OSX but doesn't disqualify Desktop Linux.
>>
File: 1473380686628.png (19KB, 931x969px) Image search:
[Google]
19KB, 931x969px
>>58741980
Nice fucKing meme.
>>
Why can't freetard file managers display an arrow beside the shortcut? Or have a "shortcut" in the description?
>>
>>58744595
a symbolic link or hard link really isn't the same as a shortcut desu
>>
>>58741186
>.desktop
my openbox says fuck off to this exploit.
>last exploit was backspace GRUB
syslinux, saves the day.
Why is Linux so based for having freedom of choice? ;^)
>>
>not using ranger
LMAO go back to your fruity toddler toys
>>
>>58744699
l0l, using hobbyist tools
>>
>>58744595
unfortunately this is what happens when you let redhat poototheloos run amok
>>
>using Gnome
I've been using KDE for a couple years now. No regrets.
>>
>>58741186
>not using noice
>extracting using a gui
>not using mc or ranger
Wtf you even on linux for?
>>
>>58745110
Yeah, why would you want to even be able to see the images you're extracting?
>>
>>58745179
you open them after extracting LOL
>>
>installing shit through anything other than the terminal
wow plebs
it's as simple as not installing it.
Thread posts: 92
Thread images: 16
Thread images: 16