.DirIcon not shown if not owned

[step-]

I customize the folder icon by adding a png icon as file .DirIcon. Normally it works, but sometimes it doesn't and rox continues to display the default icon for the folder. To fix this I change user and group of file .DirIcon to the current user's. Immediately after this change rox displays the new icon as the folder icon.

Do you think you can fix this, please?

---

running as user root

---

add icon (owner's user id 510)

---

you see that the window icon is unchanged
now change the owner and group to root's

---

you see that now the window icon is changed as it should be

---

[jun7]

It is caused by following line

rox-filer/ROX-Filer/src/diritem.c

Line 386 in 67c9484

if (mc_lstat(pathbuf, &info) != 0 || info.st_uid != uid)

So removing info.st_uid != uid solves it but the comment on the src says

         * .DirIcon and AppRun must have the same owner as the
	 * directory itself, to prevent abuse of /tmp, etc.
	 * For symlinks, we want the symlink's owner.

I don't know how abuse it though.

[step-]

Me neither, I don't know how a ROXapp could abuse /tmp or viceversa. Perhaps he's pointing out /tmp because everyone can write files and folders in /tmp but I still don't understand how that could lead to abuse.
Anyway, if security is a concern, even if we don't understand the details, it's reasonable to enforce same user's ownership. Then you can close this issue with no changes. Thanks for looking at this.