[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / s / t / u / v / vg / vm / vmg / vr / vrpg / vst / w / wg] [i / ic] [r9k / s4s / vip] [cm / hm / lgbt / y] [3 / aco / adv / an / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / pw / qst / sci / soc / sp / tg / toy / trv / tv / vp / vt / wsg / wsr / x / xs] [Settings] [Search] [Mobile] [Home]
Board
Settings Mobile Home
/g/ - Technology


Thread archived.
You cannot reply anymore.


[Advertise on 4chan]


File: krashde.png (174 KB, 1004x877)
174 KB PNG
new arbitrary code execution allows for code execution To break sandboxes With "open new window"
https://blog.kimiblock.top/2026/07/01/arbitrary-code-execution-in-kde-plasma/
https://www.phoronix.com/news/KDE-Plasma-ACE-New-Window
>>
>>109259649
If your flatpack application can overwrite .desktop files in ~/.local/share/application it could also overwrite ~/.bashrc

It's a complete non-issue and you are an idiot if you fall for this.
>>
I only care about someone from the outside being able to put malware on my computer. I do not download and run malware. I also don't care about CPU vulnerabilities with names similar to world atomic holocaust (they need these names to scare) because I do not run malware on my computer. I never update the BIOS because I never touch a winning horse and because I don't run malware.
>>
>>109259649
Give me a way to fully disable this app sandbox crap for everything but the web browser and I'll do it. If sandboxed apps have full access to stuff in my profile directory, I don't give a shit if malware has access to mess up my OS install or see what's in other windows on my screen, my data is far more valuable. If they don't have access to my data, most apps become useless.

The only real exception is the web browser, since it's running untrusted Javascript all the time. And it can have a more clever sandbox where it spawns separate processes when I activate a prompt to upload or download a file, and otherwise it can be denied access to everything.
>>
>>109259803
no it cant home permissions != ~/.local/share/application:rw

krashde jeets are just terrible at security https://www.bleepingcomputer.com/news/linux/kde-advises-extreme-caution-after-theme-wipes-linux-users-files/
>>
>>109261730
Are you going to write a CVE about ~/.bashrc allowing arbitrary code execution? If not, why not?

Maybe you are the one terrible at security. Maybe your thought, that you could make /home writeable for an application without that application having your users rights, is inherently retarded?
If you want to sandbox an application, run it as a different user. Then if you want to share files with that application, make a folder and common group that is accessible to both users.
Stop running after non-issues.



[Advertise on 4chan]

Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.