@possiblylinux127@wisha And how would sandboxing a malicious script inside a theme that is supposed to change the look of your desktop work? They installed and ran something that rm’d their home directory. I’m honestly curious how you’d solve this.
A more locked-down theming API could help. For example Firefox themes are always 100% safe to install. That said, Firefox themes are almost useless (they’re more like color schemes lol), and no one wants to lose KDE’s powerful customizability so 🤷🤷
Perhaps having different categories with different limitations would work well. Using the firefox example, prioritize the use of WebExtensions, but keep XUL/XPCOM with appropriate warnings.
If it ran in a sandbox it would just wipe its own files instead of the system. Under no circumstances should a plugin from some random guy online be running with such high privileges
@possiblylinux127 @wisha And how would sandboxing a malicious script inside a theme that is supposed to change the look of your desktop work? They installed and ran something that rm’d their home directory. I’m honestly curious how you’d solve this.
A more locked-down theming API could help. For example Firefox themes are always 100% safe to install. That said, Firefox themes are almost useless (they’re more like color schemes lol), and no one wants to lose KDE’s powerful customizability so 🤷🤷
Perhaps having different categories with different limitations would work well. Using the firefox example, prioritize the use of WebExtensions, but keep XUL/XPCOM with appropriate warnings.
What do you mean? I have Firefox themes that change the whole look of the browser, using userchrome.css.
That’s obviously not what OP was referring to when mentioning “Firefox themes”.
Maybe, I was showing that there were better ways to theme Firefox though
If it ran in a sandbox it would just wipe its own files instead of the system. Under no circumstances should a plugin from some random guy online be running with such high privileges
@possiblylinux127 I was asking how you’d run something that modded the whole UI … sandboxed.
You would need to expose some sort of hook that allows modifications
SELinux? Apparmor? (Serious question, I don’t know if there might be features that render those two inadequate)