Announcement

Collapse
No announcement yet.

KDE Plasma 5.22 Released With Much Better Wayland Support, Usability Enhancements

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #41
    Originally posted by Citan View Post
    When you install lots of additional services and displays an "all in one" 'other' menu for the sole purpose of falsely demonstrating something that goes right with your personal hatred of KDE... Sure.

    For normal users with default KDE configurations in most distros? Barring the non-display by default of menubar (which is honestly one of the worst things one could do in terms of UX, LOTS of users I show KDE are lost because of that and everhappy once I reactivate it), Dolphin and other applications are intuitive enough to use.
    ...and you can always do as ex-Konqueror-3.5-users like me did after Konqueror 4.x was a forest of papercuts... install PCManFM on KDE and set that as your file manager. It's even got a Qt version these days.

    Comment


    • #42
      Originally posted by Danny3 View Post
      I want at least a pop-up window to ask me when some program tries to access my webcam, mike, location.
      And then have a list with all of them, like a table with the program name and which devices it I have given / denied it to access.
      Something similar to how it is on Android.
      I don't know what Flatpak is trying to solve because I have not seen any pop-up to ask for my permission for anything.
      Flatpak is a system of technologies that's working to retrofit Linux with an APK-like packaging system, including "a single package will just install and work on any distro" and "Applications are sandboxed by default and permissions are then granted... with prompts if appropriate".

      Prompts are taking longer because there are more moving parts to coordinate and they wanted to prioritize getting a critical mass of packages that Just Work™ at least as well as the older packages without the ability to sandbox things.

      (That's why a lot of Flatpak packages grant overly broad permissions. They want to get past that chicken-and-egg problem by making a good first impression of the packages' usability, you can always use Flatseal to tighten the permissions, and they lock down the default permissions later as the patches to make the prompting work better get upstreamed.)

      That's also why you haven't seen any prompts. Because the goal is to make it so you don't notice anything different if possible... things are just more secure.

      A good example of that is the file chooser portal. GTK and Qt have been retrofitted so that, if an application is using GtkFileChooserNative or QFileDialog without Option::DontUseNativeDialog, then GTK or Qt will transparently hand off to the XDG Portal system.

      If you've found something where Flatseal says it has no filesystem permissions but the Open/Save dialogs still show the entire filesystem, that's what's going on:
      1. The application asks for an Open/Save dialog using the same GTK/Qt API as always
      2. GTK or Qt detects that it should use portals and makes a D-Bus call to the file chooser portal
      3. The privileged code outside the sandbox (provided by xdg-desktop-portal-kde) displays the standard KDE open/save dialog
      4. When you click OK, xdg-desktop-portal-kde mounts what you picked into the sandbox before replying to the D-Bus call with the path you picked.
      5. The application inside the sandbox never even notices there's any sandboxing going.
      If you want something visibly different, one example would be triggering off xdg-open inside a Flatpak sandbox. For example, asking the Flatpak release of the Deluge torrent client to open a downloaded file. The first time you do for a given combination of sandboxed application and file type, you'll get a dialog reminiscent of an Android app picker which is provided by xdg-desktop-portal-kde.

      Adding prompts for audio and video access is going to be handled by Pipewire, which is like PulseAudio but for both audio and video... and the current state of things is so primitive (let the application open /dev/video0 directly if it wants camera access) that the same CUSE-based "proxy access to the old API like osspd did for OSS APIs" code that is needed for implementing backwards compatibility in Pipewire is also the code they'd have to write for a temporary hack for the current solution.

      Originally posted by Danny3 View Post
      Even after I have installed Flatseal.
      Flatseal has nothing to do with popups. It's just a graphical frontend to the flatpak override subcommand used for changing the manifest permissions. (i.e. the ones that you're prompted for on installation.)

      Originally posted by Danny3 View Post
      For location, I want to stop programs from getting the list of Wifi networks around me and send it online to get my precise location.
      This is a huge risk for me and my family privacy and security.
      The problem is that the underlying APIs are not designed with prompting in mind and they don't want to commit to supporting a temporary hack out into the indefinite future alongside the proper fix, so things like "network access" are an all-or-nothing thing until they've finished designing and pushing out the finished solution.

      (I've mentioned that I'd like to see Flatpak gain the ability to grant access to the public Internet while denying access to stuff that's obviously part of the local LAN.)

      Locking down network access in more fine-grained ways is lagging behind some of the other things which are more relevant to protecting you from bad actors who don't respond to the passing of laws like the GDPR. (i.e. They're prioritizing catching up with stuff that's already a solved problem on Android.)

      Originally posted by Danny3 View Post
      Firefox is probably the only nice program that asks you by itself when some website want you access your webcam / mike / location, but why should we rely on a program to implement this kind of permissions ?
      Because a web browser is essentially an operating system within your operating system and has the luxury of not having to maintain compatibility with legacy programs written against an older, more naive version of that API.

      In the browser, if the new API's not ready, websites just can't do it.

      Same reason Android and iOS are much better at sandboxing applications than Windows, Linux, and macOS. They didn't have an ecosystem of legacy applications to avoid breaking when they did it. (And retaining compatibility with legacy applications is why the progression of "near-monopoly desktop platform" went "MS-DOS → Win3.1x → Win9x → WinXP → ...". Backwards compatibility is a huge competitive advantage and Microsoft knows it.)

      Originally posted by Danny3 View Post
      I had to put tape on my webcam and mike because KDE Plasma does absolutely nothing to protect me against programs that want to grab video or audio from my home.
      Hopefully things will improve in the future.
      That's like saying "I had to put tape on my webcam and mike because Dolphin does absolutely nothing to protect me against programs that want to grab video or audio from my home". You're pointing your finger at the wrong component.

      xdg-desktop-portal-kde is the component that's responsible for providing KDE-native GUIs for the desktop-agnostic undercarriage responsible for those sorts of prompts. ("XDG Portals" is the name of the system that's being retrofitted as a counterpart to Android's Intents system.)
      Last edited by ssokolow; 09 June 2021, 12:36 PM.

      Comment


      • #43
        I don't care or have Wayland into my system, and didn't notice any special changes (apart from the different lock screen, which was set as default, but that is basically a wallpaper), but the application menu got rid of that weird delay when you hover the mouse and feels super snappy now, so that's a slight but tangible improvement.

        Comment


        • #44
          i using gentoo i have some problems of prior version:
          1.) spelling accents in some programs like : konsole, telegram-desktop,falkon not working with my locales.
          2.) kvirc don't starts/works
          3.) meta+shift+print rectangular screenshot on spectacle not copy to clipboard
          4.) some windows like telegram-desktop not remember position
          ...
          Last edited by papu; 11 June 2021, 07:41 PM.

          Comment

          Working...
          X