cross-posted from: https://lemmy.ml/post/13397700
Malicious KDE theme can wipe out all your data
Or is it just buggy?
Seems like a ~~blessing ~~ glaring kde bug, I mean how is it possible? Why a theme needs to be able to execute shell commands?
Themes are very powerful beings in KDE. they can install SDDM themes and scripts, they can set Kvantum themes, custom parameters for other parts of the system etc.
You can’t really do that shit without scripting
On the Reddit thread people, at least one of them tagged as a KDE dev, mentions that widgets NEED to be able to run arbitrary code. I am absolutely baffled by this.
Aren’t widgets pieces of software? Of course they have to run code. But they need to be isolated, or at the very least not have sudo access.
I thought wayland was supposed to improve security. Were the past 18 years a lie?
This is such a dumb comment. Jesus.
“I thought passwords were meant to improve security! So how come I got a virus???”
This has literally nothing to do with wayland.
Bro does not know what a display server does
They should be more specific. This is just false advertising.
Um, this is like saying full disk encryption is false advertising, because it doesn’t prevent people blowing up your apartment complex. LOL.
Sorry, dude, I cannot resist. No hate to you, we all need to start from somewhere.
Wayland isn’t a product. You’re gonna have to get your mind out of capitalism to understand the free software community.
>muh capitalism
Ok commie