18.04: "untrusted launcher" -- how to make it *permanently* trusted

[Little Girl]

Hey there,

Robert Heller wrote:

>At Sat, 27 Apr 2019 08:27:40 -0400 (EDT) Robert Heller
><heller at deepsoft.com> wrote:
>> 
>> I recently upgraded a batch of diskless workstations to Ubuntu
>> 14.04 using DRBL.  Everything is working well, except for one
>> small problem:  We have some launcher files (.desktop) files in
>> the login account Desktop folder, but even though they are chmod
>> +x (and some are in fact direct copies
>> from /usr/share/applications) they come up as "untrusted".  (And
>> yes, they are properly owned by the user and group, etc.).  They
>> work, once you click "Trust and execute", but they become
>> untrusted again on reboot.  
>
>OK, some additional web searching shows that this is a "security
>feature" of Gnome3.  Argh!  This is a serious pain for someone
>managing a batch of desktops (I guess it make some sense for
>relatively brainless people running Linux on their home machines).
>But it makes things difficult for a system admin like me.  I am also
>wondering if the fact that the /home file system is NFS mounted is
>causing problems.
>
>Has *ANYONE* else had this issue?

Is this (admittedly old) page of any use?

https://askubuntu.com/questions/10395/untrusted-application-launcher

Maybe this one will be of more use:

https://askubuntu.com/questions/1056591/how-to-mark-desktop-file-as-trusted-in-18-04

This seems to be the actual explanation for the issue and it's pretty
horrifying despite the disclaimers that it's all in our best interest:

https://www.omgubuntu.co.uk/2018/05/nautilus-remove-ability-launch-binaries-apps

Now I'm even more glad I use Ubuntu MATE (with the Caja file manager)
and am planning on switching to Kubuntu (with the Dolphin file
manager) shortly. I've never been a fan of vanilla Ubuntu and have
always used one or another of its "flavors" instead.

-- 
Little Girl

There is no spoon.