ExecutableBit
|
Size: 1318
Comment:
|
← Revision 13 as of 2014-05-01 12:47:50 ⇥
Size: 1608
Comment: link to subpage containing translation
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| Software in Ubuntu needs to be "executable" (sometimes called "trusted"), both in the sense that the software is a program, and that it is marked as an "executable file" via [[https://help.ubuntu.com/community/FilePermissions|file permissions]]. Normal software is available for installation via the [[https://wiki.ubuntu.com/SoftwareCenter|Software Center]]; this is the primary source of software in Ubuntu. | ''Other languages:'' [[/es|Español]] |
| Line 3: | Line 3: |
| Files downloaded from other locations are not marked as "executable" since they did not get installed via a trusted software repository. Because of this, attempting to open downloaded files that are software will fail. The primary reason for blocking this software is to help unsuspecting users avoid [[http://en.wikipedia.org/wiki/Malware|malware]] (i.e. malicious software like trojan horses, worms, and viruses). | Software and software installers in Ubuntu need to be marked as [[SecurityTeam/Policies#ExecutePermissionBitRequired|"executable"]] in order to be treated as runnable programs. This indicates to Ubuntu that the file is actually software and is trusted. Normally and preferably software should be installed using the [[https://wiki.ubuntu.com/SoftwareCenter|Ubuntu Software Center]] which is the primary source of software in Ubuntu. |
| Line 5: | Line 5: |
| Ubuntu Policy requires that [[https://wiki.ubuntu.com/SecurityTeam/Policies#Execute-Permission%20Bit%20Required|software not marked as executable not be runnable]]. One of the most common ways this happens is by having a package ship a {{{.desktop}}} file for a Mime``Type which executes the target file (.EXE, .JAR, etc). This is not allowed unless the target file is already executable (or installed by a trusted software repository). | You should only mark a file as executable via the file [[https://help.ubuntu.com/community/FilePermissions|permissions]] if you know what you are doing. Files from outside the supported [[https://help.ubuntu.com/community/Repositories/Ubuntu|software repository]] are not marked as "executable" since they did not get installed via a trusted source. Because of this, attempting to open/run downloaded files that are software will fail. These files are blocked for security reasons to help unsuspecting users avoid [[http://en.wikipedia.org/wiki/Malware|malware]] (i.e. malicious software like trojan horses, worms, and viruses). Ubuntu Policy requires that [[https://wiki.ubuntu.com/SecurityTeam/Policies#Execute-Permission%20Bit%20Required|software not marked as executable not be runnable]]. One of the most common ways you will see this is by having a package ship a {{{.desktop}}} file for a Mime``Type which executes the target file (.EXE, .JAR, etc). This is not allowed unless the target file is already executable (or installed by a trusted software repository). |
Other languages: Español
Software and software installers in Ubuntu need to be marked as "executable" in order to be treated as runnable programs. This indicates to Ubuntu that the file is actually software and is trusted. Normally and preferably software should be installed using the Ubuntu Software Center which is the primary source of software in Ubuntu.
You should only mark a file as executable via the file permissions if you know what you are doing.
Files from outside the supported software repository are not marked as "executable" since they did not get installed via a trusted source. Because of this, attempting to open/run downloaded files that are software will fail. These files are blocked for security reasons to help unsuspecting users avoid malware (i.e. malicious software like trojan horses, worms, and viruses).
Ubuntu Policy requires that software not marked as executable not be runnable. One of the most common ways you will see this is by having a package ship a .desktop file for a MimeType which executes the target file (.EXE, .JAR, etc). This is not allowed unless the target file is already executable (or installed by a trusted software repository).
Read user comments.
Security/ExecutableBit (last edited 2014-05-01 12:47:50 by fitojb)