• Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    4
    ·
    8 months ago

    This is why we need sandboxing. Right now the Linux desktop is still lacking in terms of security

    • :arch: bitterseeds@fosstodon.org
      link
      fedilink
      arrow-up
      4
      ·
      8 months ago

      @possiblylinux127 @wisha And how would sandboxing a malicious script inside a theme that is supposed to change the look of your desktop work? They installed and ran something that rm’d their home directory. I’m honestly curious how you’d solve this.

      • wisha@lemmy.mlOP
        link
        fedilink
        arrow-up
        9
        ·
        8 months ago

        A more locked-down theming API could help. For example Firefox themes are always 100% safe to install. That said, Firefox themes are almost useless (they’re more like color schemes lol), and no one wants to lose KDE’s powerful customizability so 🤷🤷

        • JackGreenEarth
          link
          fedilink
          English
          arrow-up
          4
          ·
          8 months ago

          What do you mean? I have Firefox themes that change the whole look of the browser, using userchrome.css.

          • Kayn@dormi.zone
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            8 months ago

            That’s obviously not what OP was referring to when mentioning “Firefox themes”.

            • JackGreenEarth
              link
              fedilink
              English
              arrow-up
              1
              ·
              8 months ago

              Maybe, I was showing that there were better ways to theme Firefox though

        • Canary9341@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          8 months ago

          Perhaps having different categories with different limitations would work well. Using the firefox example, prioritize the use of WebExtensions, but keep XUL/XPCOM with appropriate warnings.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        3
        ·
        8 months ago

        If it ran in a sandbox it would just wipe its own files instead of the system. Under no circumstances should a plugin from some random guy online be running with such high privileges