new arbitrary code execution allows for code execution To break sandboxes With "open new window"https://blog.kimiblock.top/2026/07/01/arbitrary-code-execution-in-kde-plasma/https://www.phoronix.com/news/KDE-Plasma-ACE-New-Window
>>109259649If your flatpack application can overwrite .desktop files in ~/.local/share/application it could also overwrite ~/.bashrcIt's a complete non-issue and you are an idiot if you fall for this.
I only care about someone from the outside being able to put malware on my computer. I do not download and run malware. I also don't care about CPU vulnerabilities with names similar to world atomic holocaust (they need these names to scare) because I do not run malware on my computer. I never update the BIOS because I never touch a winning horse and because I don't run malware.
>>109259649Give me a way to fully disable this app sandbox crap for everything but the web browser and I'll do it. If sandboxed apps have full access to stuff in my profile directory, I don't give a shit if malware has access to mess up my OS install or see what's in other windows on my screen, my data is far more valuable. If they don't have access to my data, most apps become useless.The only real exception is the web browser, since it's running untrusted Javascript all the time. And it can have a more clever sandbox where it spawns separate processes when I activate a prompt to upload or download a file, and otherwise it can be denied access to everything.
>>109259803no it cant home permissions != ~/.local/share/application:rwkrashde jeets are just terrible at security https://www.bleepingcomputer.com/news/linux/kde-advises-extreme-caution-after-theme-wipes-linux-users-files/
>>109261730Are you going to write a CVE about ~/.bashrc allowing arbitrary code execution? If not, why not?Maybe you are the one terrible at security. Maybe your thought, that you could make /home writeable for an application without that application having your users rights, is inherently retarded?If you want to sandbox an application, run it as a different user. Then if you want to share files with that application, make a folder and common group that is accessible to both users.Stop running after non-issues.