I am not a KDE dev, but interested in that topic.

To partiticipate you can sign up in the forum, and maybe stay a bit and help other users ;)

  • mox
    link
    fedilink
    2
    edit-2
    4 months ago

    Sandboxing them, having a manual review process, would help. But that is a TON of work.

    This is why it would make sense to have a restrictive and simple API that supports basic extensions with little oversight. Configuration only; no executable code.

    For the small minority of add-ons that would require executable code, there could be a separate API with a more involved installation process, making it obvious to the user that the trust and risk levels are different from the above. A sandbox feature could perhaps be developed in the long run, but that is indeed a ton of work and hard to get right, and isn’t really necessary for this approach to be effective. Just having a software-style installation process (e.g. through a distro’s package manager) and different APIs would go a long way toward protecting users.