https://bugs.kde.org/show_bug.cgi?id=480112

--- Comment #4 from Benjamin Flesch <benjaminfle...@icloud.com> ---
I did build a proof-of-concept for the "wallpaper plugin" type, and did a
survey of 10.000 themes from shop.kde.org which found ~10 packages with .exe
files that show as virus on virustotal.com (these have been removed by plink),
and various packages with .so library files, shell scripts (.sh) and python
scripts.

Currently to me it seems anything goes and the whole security theatre depends
on the operations of plink, who - as I've shown - don't even scan the packages
with conventional antivirus scanners.

Another big problem is that the plasma dialogs all show "most recently
uploaded" themes/plugins right at the top, so it's easy for an attacker to get
initial infections. 

From my perspective, the QML surface & code execution capabilities of packages
installed via the plasma store(s) should be severely limited on the plasma side.
There should be two types of QML: trusted QML and untrusted QML. Trusted QML
only for packages signed by the plasma devs. 

Untrusted QML for everyone.

I'll try to find more security vulnerabilities in plasma to make the architects
of the current thing reconsider their choices.

Also the biggest security risk, a compromise of plink gmbh (a private company)
and then a deployment of malicious updates for *all* themes at the same time
will be installed via discover software center "plasma addons" section to many
KDE users.

Targeted attacks on KDE/plasma devs with the current design are also a
realistic thing.

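The kind of package survey the comment describes can be approximated on the defender's side with a content audit like the following. This is an added example, not part of the bug comment or of any KDE code; it assumes packages are tar archives, and `audit_package`, `build_sample` and the sample file names are hypothetical and constructed for illustration.

```python
import io
import tarfile

# Content signatures a theme or wallpaper package has no obvious need for.
MAGIC = {b"MZ": "pe-executable", b"\x7fELF": "elf-binary", b"#!": "script"}
SUSPECT_EXT = {".exe": "pe-executable", ".so": "elf-binary",
               ".sh": "script", ".py": "script"}

def audit_package(fileobj):
    """Return sorted (member name, kind) pairs for executable content in a tar archive."""
    findings = []
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            if not member.isfile():
                continue
            # Classify by leading bytes first, so a renamed binary is still caught.
            head = tar.extractfile(member).read(4)
            kind = next((k for m, k in MAGIC.items() if head.startswith(m)), None)
            if kind is None:
                # Fall back to the extension when the content has no known magic.
                dot = member.name.rfind(".")
                kind = SUSPECT_EXT.get(member.name[dot:].lower()) if dot != -1 else None
            if kind:
                findings.append((member.name, kind))
    return sorted(findings)

def build_sample():
    """Constructed sample package held in memory (not a real store download)."""
    files = {
        "theme/metadata.json": b'{"KPlugin": {"Id": "sample"}}',
        "theme/contents/ui/main.qml": b"import QtQuick 2.0\nItem {}\n",
        "theme/contents/helper.png": b"MZ\x90\x00fake",  # PE header behind an image name
        "theme/contents/lib/libx.so": b"\x7fELF\x02\x01",
        "theme/install.sh": b"#!/bin/sh\necho hi\n",
        "theme/tool.py": b"print('x')\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for name, kind in audit_package(build_sample()):
        print(f"{kind:14} {name}")
```

A hit only means the package ships native or script content; whether that content is malicious still needs a scanner or manual review.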