Malicious KDE theme can wipe out all your data

www.reddit.com Blocked

Or is it just buggy?

Linux @lemmy.ml wisha @lemmy.ml 8 mo. ago

www.reddit.com /r/kde/comments/1bixmbx/do_not_install_global_themes_some_wipe_out_all/

33 comments

Great time to mention tools like testdisk that can easily recover data that has been recently deleted on common filesystems.
This is why we need sandboxing. Right now the Linux desktop is still lacking in terms of security
- @possiblylinux127 @wisha And how would sandboxing a malicious script inside a theme that is supposed to change the look of your desktop work? They installed and ran something that rm'd their home directory. I'm honestly curious how you'd solve this.
  
  A more locked-down theming API could help. For example Firefox themes are always 100% safe to install. That said, Firefox themes are almost useless (they’re more like color schemes lol), and no one wants to lose KDE’s powerful customizability so 🤷🤷
  
  If it ran in a sandbox it would just wipe its own files instead of the system. Under no circumstances should a plugin from some random guy online be running with such high privileges
  
  SELinux? Apparmor? (Serious question, I don't know if there might be features that render those two inadequate)
Not malicious. Just buggy -- a downright nasty bug, but a bug.
Reading the comments, looks like bad/old code mixed with a big update rather than anything malicious. I even ran into themes that killed my KDE last night. Had to purge the configs themes to get it working. Damn glad I didn't wipe my entire setup.
- Correct. The theme creator missed a variable that is not part of the Plasma environment anymore, and instead of running
  
  rm -Rf [something]
  
  it run
  
  rm -Rf
  
  😬
Extensions need to follow standards, and be installed as non-executable files in defined categories.

Everything else has to be removed or behind a huge warning.
- That is not possible. widgets and Global themes have to be able to execute code to work.
  
  By the way: the code was not malicious, just badly written.
  
  @Bro666 @Pantherina
  Yes, but why this code have full axess and not running in a sandbox where the axess is limited, like with Flatpack packages?
  
  Why do global themes need to do that? Arent they just color and image files, maybe audio?
  
  It doesnt really matter if the code was malicious or not, this should not be possible.
  
  Another example of how damn insecure linux is. Just because its not the snap store, we dont have tons of malicious addons on pling.
I thought wayland was supposed to improve security. Were the past 18 years a lie?
- Uhm, Wayland improves security but its just one component. Will a bash script work the same on Wayland as on XOrg? Yes.
- You must have heard that old chestnut about how "the weakest security link in the security chain is the user" by now. There is nothing any technology can do if the user decides to install insecure stuff. Even before today, the KDE Store prominently displayed warnings about being careful with the content.

You've viewed 33 comments.