• :arch: bitterseeds@fosstodon.org
    link
    fedilink
    arrow-up
    4
    ·
    8 months ago

    @possiblylinux127 @wisha And how would sandboxing a malicious script inside a theme that is supposed to change the look of your desktop work? They installed and ran something that rm’d their home directory. I’m honestly curious how you’d solve this.

    • wishaOP
      link
      fedilink
      arrow-up
      9
      ·
      8 months ago

      A more locked-down theming API could help. For example Firefox themes are always 100% safe to install. That said, Firefox themes are almost useless (they’re more like color schemes lol), and no one wants to lose KDE’s powerful customizability so 🤷🤷

      • Canary9341
        link
        fedilink
        arrow-up
        4
        ·
        8 months ago

        Perhaps having different categories with different limitations would work well. Using the firefox example, prioritize the use of WebExtensions, but keep XUL/XPCOM with appropriate warnings.

      • JackGreenEarth@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        8 months ago

        What do you mean? I have Firefox themes that change the whole look of the browser, using userchrome.css.

      • :arch: bitterseeds@fosstodon.org
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        @wisha I think more moderation/screening of these things would help. We’re far to trusting about things still and in this day and age where things like this just tickle the person who did it … some sick folks in the world so we have to be a bit more vigilant.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      3
      ·
      8 months ago

      If it ran in a sandbox it would just wipe its own files instead of the system. Under no circumstances should a plugin from some random guy online be running with such high privileges