I’m using it on openSUSE for my CTF resolution notes and noticed it interacting with some payloads inside the vault. This behavior seems consistent on Kali Linux as well. On openSUSE, it attempts to search for the application in the virtual store. I believe this could be a vulnerability, but I haven’t explored it further due to time constraints. For instance, if I have an executable named PwdKit in the vault and also created a page with the same name, referencing it as [[PwdKit]] doesn’t bring up the page but rather opens the installer, as shown in the screenshot.
Referencing the page with the same name as the payload.
Moved to Help for not following the bug report template. Removed “legacy editor” tag since that’s been removed unless you’re using an old version of the app.
If you have multiple files with the same name and the link doesn’t include a path, I believe it chooses the one that was created earliest. Files that Obsidian can’t handle itself (like executables) are opened in the default app assigned to that file type. In Settings you can hide those file types from the file browser, and there’s a file exclusion setting that will hide or deemphasize the chosen files/folders/.filename patterns in various contexts.
It’s in the latest version (1.5.8), so I’ll make the changes you suggested. Thank you very much, and sorry for not following the bug template. I’ll come back later and let you know if it worked.
