187
submitted 8 months ago by wisha@lemmy.ml to c/linux@lemmy.ml

cross-posted from: https://lemmy.ml/post/13397700

Malicious KDE theme can wipe out all your data

Or is it just buggy?

you are viewing a single comment's thread
view the rest of the comments
[-] node815@lemmy.world 44 points 8 months ago

For those that don't want to go back to the Dark side (Reddit), the post referenced a theme (Grey Layout global theme) which got KDE Dev's involved who in reaction removed the listing from the store.

In short - the theme ran code to run a rm -rf on the user's drive which wiped everything during install. Aside from backing up your data religiously, be sure to inspect the code instead of blindly installing for now. KDE Dev's said they will need to do better so I expect some changes are afoot to provide better security.

[-] MonkderZweite@feddit.ch 22 points 8 months ago* (last edited 8 months ago)

Why can a theme execute code??

edit: it was the package that did it?

[-] governorkeagan@lemdro.id 9 points 8 months ago
[-] danielquinn@lemmy.ca 3 points 8 months ago

Ooh! Thanks for this! I had no idea it existed.

this post was submitted on 20 Mar 2024
187 points (96.5% liked)

Linux

48334 readers
657 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS