But if we're gonna pull the usual semi-cliched..."re-write the kernel in Rust - C is old & sucks!" line of thought here...
Reddit is full of such 'debates' i'd believe
smurphos is certainly not wrong above (why would he be)?
Not every malware author wants to be 'obvious', which would be the case if it encrypted $HOME as soon as possible.
A smart malware can very much well 'wait' to actually do it's tricks,
and have it's actual workflow / main body of instructions triggered much later on.
Such trigger could be whatever further common user interaction (eg. like making a copy of a launcher).
Good things come to those who wait after all...
smurphos is also further absolutely right in the...
...An additional ExecHash= key to the .desktop spec could work wonders....ramifications on fixing it fully on UX - this isn't just a File manager issue,
it could potentially affect any part of the system that use the .desktop spec...
Compare value there eg. with contents under /var/lib/dpkg/info/ before running Exec= line.
Since hashes would already be 'known' to the system for already pre-installed packages, you'd also avoid annoyances like:
"...installing a new distro and then being presented with a dialog the first time,
you try and fire up Firefox from the menu asking the user if they trust the launcher..."
Ie. essentially extend the .desktop mechanism to further act, up to a certain point,
as a layer of 'protection' from quickie-double-clickie-clickie end-users.
Unless something is actually installed (root access), but only locally unpacked,
.desktop files by default get to execute...nothing without manual review & explicit permission.
My point being in short, is that i don't really think the 'location' or 'copy' thereof is really the culprit here.
Problem is, contents in Exec= line can be almost anything...and not verified.
Nothing overkill in the slightest above: end-user obviously can still launch script / exe directly if that's what's desired.
If he/she does so without examining such first though, in a zomg-ho-hum-launch-photon-torpedoes manner...
yeah, well, what can we do now: there's no cure for human pebkac.
...Here i will certainly agree with rene though: although all of this is...ahem, 'nice' in theory,
and if nothing else, plenty of cool ideas & suggestions could be made...if history is an indicator, then:
no, please don't propose such. I'm fairly confident gnome / freedesktop & friends,
would eventually pull some kind of Theo-de-Raadt style security paranoia,
and 'we' would end up with something 10x more convoluted / broken than desired...
I mean, there's a reason i mentioned the 'can't launch my own pie exes' opposite-style ridiculousness above...