KDE is an international technology team creating user-friendly free and open source software for desktop and portable computing. KDE’s software runs on GNU/Linux, BSD and other operating systems, including Windows.
If you encounter a bug, proceed to https://bugs.kde.org/, check whether it has been reported.
If it hasn't, report it yourself.
PLEASE THINK CAREFULLY BEFORE POSTING HERE.
Developers do not look for reports on social media, so they will not see it and all it does is clutter up the feed.
This week in Plasma: Getting #Plasma6.3 into shape, more KRunner searches, better scaling and a whole lot more:
https://blogs.kde.org/2025/01/18/this-week-in-plasma-getting-plasma-6.3-in-great-shape/
@[email protected] @[email protected]
Can you tell us what happens on the "sandbox all the things" goal?
I think this is a pretty crucial step forward, even though #sandbox technologies (most often through user namespaces) are more problematic than I initially thought.
(Basically, user #namespaces open up #privesc to the monolithic #kernel, which is incredible. #Android and #ChromeOS use #LXC, mounts and #SELinux for #sandboxing)
@Rhababerbarbar @[email protected]
"Sandbox all the things" is not currently a KDE goal.
@[email protected] @[email protected]
Thx for the info, then it is like that.
Here is the goal page
https://phabricator.kde.org/T17370
Tbh, #bubblewrap would need to be fixed drastically to be as secure as the #Android #sandbox. And (I am not sure yet) I think even #Snaps are more secure (on #Ubuntu with #Apparmor patches) than #Flatpak with the current system.
As far as I understood, sandboxing needs to happen in #userspace, with tools like #fuse doing the work while being restricted by #MAC like #SELinux or Apparmor.
@Rhababerbarbar @[email protected]
That is the proposal page. Of all proposals, and there are always quite few, the community votes and selects three to work on for two years. This one was not selected.