The attack described in tails/tails#20733 works there too: `Gio.DesktopAppInfo.new("org.boum.tails.AdditionalSoftware.desktop")` ## Summary ### Impact The attacker can run privileged operations on the Persistent Storage, including silently activating more features, thus persisting more data, which can in turn lead to more paths to future exploitations. Also, most of the user impact of https://gitlab.tails.boum.org/tails/tails/-/issues/20710#user-impact probably applies here as well. ### Availability Those conditions must be satisfied: - the attacker is already amnesia-level - the user has a Persistent Storage - the user manually clicks on the gear to configure Additional Software ([citation needed](https://gitlab.tails.boum.org/tails/tails/-/issues/20745#note_252427)) ## Reproduce Create `/home/amnesia/.local/share/applications/org.boum.tails.AdditionalSoftware.desktop`: ```ini [Desktop Entry] Type=Application Name=Additional Software Comment=Configure the additional software installed from your Persistent Storage when starting Tails Exec=/bin/sh -c 'id > /tmp/EXPL; id > /home/amnesia/EXPL' Icon=package-x-generic Terminal=false Categories=System;Tails; ``` When configuring persistent storage, click on the gear button:  you'll see `/tmp/EXPL`