Reddit - Dive into anything
www.reddit.com
  • jherazob@beehaw.orgEnglish
    123·
    4 months ago

    On the Reddit thread people, at least one of them tagged as a KDE dev, mentions that widgets NEED to be able to run arbitrary code. I am absolutely baffled by this.

    • Michal@programming.dev
      22·
      4 months ago

      Aren’t widgets pieces of software? Of course they have to run code. But they need to be isolated, or at the very least not have sudo access.

        • Zamundaaa@discuss.tchncs.deEnglish
          11·
          3 months ago

          Widgets aren’t themes. They’re things on your desktop that people are using for example for showing a folder - and if that can’t interact with the system, that widget’s functionality is broken.

          Of course, that should not apply to install scripts or the like, which shouldn’t be a thing at all really. And it should be made a lot more obvious which downloadable things can execute code / which ones are “guaranteed” safe and which ones may not be.

      • baseless_discourse@mander.xyz
        1·
        3 months ago

        I think the theme mentioned probably don’t have sudo access, just user access can do enough harm already.

        I think rm command should refuse to remove overly-broad target (home, xdg dirs, media drives) without confirmation in the command line.

        • ReversalHatchery@beehaw.orgEnglish
          1·
          3 months ago

          Ok, then a bad actor could enumerate all the subdirs and delete them one by one.

          Even if going down this path would be a good solution, I don’t think this is rm’s job to do. This should be done by an antivirus a security suite. I think I have read that for the past few years the kernel now has a better API than inotify to get notified by file operations. I don’t remember it’s name, but I think it was even mentioned in the docs that security software is a use case of it

          • baseless_discourse@mander.xyz
            2·
            3 months ago

            This is not a defense against bad actor, but defense against bugs in bash script, which is quite common. Another idea is to introduce a new trash command xdg-trash to replacerm. But both of these cannot stop malicious actors removing your file.

            I think even if we have a security suite, it is unlikely to detect bad actor recursively enumerating the file and delete them one by one, until many files were irrversably lost.

            Antivirus has never been a proper way to achieve security, I think the proper way to defend against offensive rm is probably sandboxing.