68
Removal of Deepin Desktop from openSUSE due to Packaging Policy Violation (security.opensuse.org)
submitted 1 month ago by exu@feditown.com to c/linux@lemmy.world
3 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] sxan@midwest.social 18 points 1 month ago

Hooo-ly shit, that's a concerning read. I have to go blacklist Deepin; it's in Arch extra/.

The whole article is concerning, but this part was really scary:

The service methods were not only unauthenticated and thus accessible to all users in the system, but the D-Bus configuration file also allowed anybody to own the D-Bus service path on the system bus, which could lead to impersonation of the daemon. Among other issues, the D-Bus service allowed anybody in the system to create arbitrary new UNIX groups, add arbitrary users to arbitrary groups, set arbitrary users’ Samba passwords or overwrite almost any file on the system by invoking mkfs on them as root, leading to data loss and denial-of-service.

this post was submitted on 08 May 2025
68 points (98.6% liked)

Linux

11110 readers
28 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
MigratingtoLemmy@lemmy.world