Linux

48033 readers

1133 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

185

Malicious KDE theme can wipe out all your data (www.reddit.com)

submitted 7 months ago by [email protected] to c/[email protected]

53 comments fedilink hide all child comments

cross-posted from: https://lemmy.ml/post/13397700

Malicious KDE theme can wipe out all your data

Or is it just buggy?

you are viewing a single comment's thread
view the rest of the comments

[+] [email protected] -36 points 7 months ago (6 children)

I thought wayland was supposed to improve security. Were the past 18 years a lie?

[–] [email protected] 27 points 7 months ago

This has literally nothing to do with wayland.

[–] [email protected] 15 points 7 months ago

This is such a dumb comment. Jesus.

"I thought passwords were meant to improve security! So how come I got a virus????"

[–] [email protected] 8 points 7 months ago (1 children)

Bro does not know what a display server does

[–] [email protected] -5 points 7 months ago (2 children)

They should be more specific. This is just false advertising.

[–] [email protected] 5 points 7 months ago* (last edited 7 months ago)

Um, this is like saying full disk encryption is false advertising, because it doesn't prevent people blowing up your apartment complex. LOL.

Sorry, dude, I cannot resist. No hate to you, we all need to start from somewhere.

[–] [email protected] 0 points 7 months ago* (last edited 7 months ago) (1 children)

Wayland isn't a product. You're gonna have to get your mind out of capitalism to understand the free software community.

[–] [email protected] 0 points 7 months ago (1 children)

>muh capitalism
Ok commie

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

You're literally on a communist instance of Lemmy.

[–] [email protected] 5 points 7 months ago (1 children)

This is different from the Wayland security model, as Wayland restricts the ability for clients to modify and read from other clients arbitrarily. This is an extension to a Wayland compositor, and as all extensions do, it contains code which runs on your system. Any code, unless sandboxed, can access your filesystem no matter if it's run under Wayland, X11, or no windowing system at all for that matter.

[–] [email protected] 8 points 7 months ago* (last edited 7 months ago)

It is not related to Wayland or the compositor in any way. This is a plasmashell extension.

Similar caveats do apply to KWin scripts and effects though

[–] [email protected] 2 points 7 months ago

wayland was not about avoiding applications accessing resources or running scripts (that is why sandboxing is for) but to avoid programs to have access to the rest of the graphical session (things like input devices and other graphical windows and their data)

[–] [email protected] 1 points 7 months ago

It does, when the bad actor is a program you run, and other open windows contain sensitive content.

Here the bad actor is code being loaded as an extension to the compositor. A bit like a kernel module, which can bypass file access permissions if it wants.