In my opinion as someone who just uses these Linux DEs, it seems like it would be better if they focused on “safe” content and left anything scriptable to be distributed through other means. The security risks along with bad experiences with outdated and broken software in the past have convinced me to never use these features, which is a shame as people have probably made some neat themes and widgets. On the post, I don’t buy the comparison with AUR and PPA. Whatever the risks with those systems (and don’t get me wrong, they can be significant), the end user has usually concluded based on reputation from elsewhere that they want to install a particular application and they use the AUR or PPA system to get the job done. The theme stores on desktop environments, by contrast, seem like they’re going to be the way that users discover small pieces of content that are never going to have much of an external reputation. To use such programs safely you would have to read the source code of anything you’ve thinking about using, and not many people have the ability and time/willingness to do so.
With the AUR and PPAs, random members of the community that weren't involved with developing the original software can submit software. This means you can't go off of the software's reputation alone, as someone may have uploaded a malicious version of existing software (i.e. what happened around a month ago on the Ubuntu Snap store with a malicious Bitcoin wallet: https://popey.com/blog/2024/02/exodus-bitcoin-wallet-490k-sw...).
I do agree that themes don't sound like they could execute code, and KDE should be doing more to restrict what they can do to a user's computer.
If you cannot audit it and supervise it, do not offer a point-and-click way to install it. Do not rely on end-users experience and sanity nor the good intentions of random people online.
Installation of Gnome extensions or KDE themes (unless official package from distribution's repository is used) always seemed as unnecessary risk to me.
I posted an idea about sandboxing that I think is a middle ground between doing away entirely with the idea of gnome/kde extensions and themes using sandboxing:
How Long has the KDE store been around? I only started using KDE a couple months ago, and I couldn't wrap my head around the KDE themes etc -- it's weird clicking those disclaimers just to install a wallpaper. If it's been around for a while that makes a little more sense I suppose?
It's not just a wallpaper, it's general execution, because these things are intended to be able to add general functionality. They can add a menu item to various menus and provide code to execute the new menu, and that's the goal.
You can make a program that sets a wallpaper and write a description, "download my free wallpaper", but that doesn't make it into a wallpaper, it's still a program. The KDE store doesn't have a category for non-programs.
It bugs me that you seemingly can't disable the KDE Store in Discover, because it's not one of the "repositories"/"software sources" listed in its settings. I wonder if this "ghns" kiosk flag is enough to completely turn it off.
Can somebody provide a code snippet that would be an example of something you definitely don't want these addons to run? Or is it, like, any general C / Python code?
I think the post that originated all this fuss was because something rimraffed the user's whole root volume. IIRC a variable that wasn't set so it nuked root instead of a specific dir.
