Announcement

Collapse
No announcement yet.

KDE Neon Makes It Easier To Now Try Plasma On Wayland

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #41
    Originally posted by funkybomber View Post

    Well, if this causes a local root escalation security hole, that is something to take into consideration.
    However I am the only having access to my PC, so I think local attacks should be a non issue. Am I wrong in my reasoning?

    If there was a possibility of a remote attack when using X11 applications as root that would be a different story...
    Yes, you are wrong with your reasoning. That you are the only one having physical access does not mean that you are the only one having local access. A script, loaded from a website, running in your browser is running locally. A security problem in Flash, an email client, an image or PDF viewer can cause malicious code to be run on your machine, read: locally. And so on, ... .
    You need to get away from the physical worldview when working with computers.

    Comment


    • #42
      Originally posted by starshipeleven View Post
      Oooh, I like this too. Does it work for all root-user files or just for system files? (like say for documents or images)
      Yes. It works for any non-writable file. It is implemented for KTextEditor part of KF5, so it works for Kate, KWrite and Krusader internal editor (or any other text editor using this part of framework). I'll just add that this functionality is supported since KDE Frameworks 5.34.


      Originally posted by Nth_man View Post
      > You should NEVER run X11 application as root. It opens a local root escalation security hole that is trivial to abuse.

      Only if you are already running malware.

      You should NEVER run malware.
      Nobody knowingly runs malware. There are for instance a lot of attacks on the web, that can install and run ANY malware on your PC through your browser just by opening a web page. These security holes are of course continuously found and fixed but before that they can be exploited.

      Comment


      • #43
        Originally posted by MoonMoon View Post

        Following that logic, no "proper" distribution should ever have switched from Gnome 2 to Gnome 3. since it definitely broke workflows.
        That's a good point you're making. What is a "proper" distribution? I'm not sure I can really answer that, but let me give it a try. Perhaps a "proper distribution" is simply a distribution of such a high quality, consistency and user friendliness that manages to keep the majority of its users happy in each iteration despite small or major changes in the DE.

        Linux Mint is a good example of that: when they saw that Gnome 3 was not heading to the direction that they needed it to be for their users, they just bit the bullet and developed MATE to have a modern "Gnome 2" DE for their users. Kudos to them. These are the lengths that a "proper" distro goes to, to protect its users and their workflows.

        Comment


        • #44
          Originally posted by MoonMoon View Post
          Following that logic, no "proper" distribution should ever have switched from Gnome 2 to Gnome 3. since it definitely broke workflows.
          Now that would have been an alternate reality I'd have liked to live in.

          Comment


          • #45
            Originally posted by kotelnik View Post
            Nobody knowingly runs malware. [...]
            For a start, when quoting people, their ":-)" should not be cut; we know, they are written for a reason.

            Comment


            • #46
              Originally posted by Nth_man View Post

              For a start, when quoting people, their ":-)" should not be cut; we know, they are written for a reason.
              I can see now that I misunderstood your post completely. Sorry about that.

              Comment


              • #47
                Originally posted by Nth_man View Post

                For a start, when quoting people, their ":-)" should not be cut; we know, they are written for a reason.
                I can see now that I misunderstood your post completely. Sorry about that.

                Comment


                • #48
                  Originally posted by Nth_man View Post

                  For a start, when quoting people, their ":-)" should not be cut; we know, they are written for a reason.
                  I can see now that I misunderstood your post completely. Sorry about that.

                  Comment


                  • #49
                    Originally posted by starshipeleven View Post
                    Now that would have been an alternate reality I'd have liked to live in.
                    Wouldn't that mean no Wayland? lol

                    Comment

                    Working...
                    X