Bug 419308

Summary: Krunner: Security concerns
Product: [Plasma] krunner Reporter: Gabriel Fernandes <gabrielfernnd>
Component: generalAssignee: Kai Uwe Broulik <kde>
Status: RESOLVED DUPLICATE    
Severity: major CC: kde
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Gabriel Fernandes 2020-03-27 19:52:48 UTC 
Please, take a look at the post, it explains the problem and things it might cause
https://www.reddit.com/r/kde/comments/fpqbi2/krunner_and_kickoff_security_concerns/

I would like to suggest Krunner to only execute files from the PATH, from the plugin "Command Line" and not files that were brought by other plugins like "Recent Documents"
Comment 1 David Edmundson 2020-03-27 22:29:51 UTC 
Lets just have one report

It's the same KRun(url)

*** This bug has been marked as a duplicate of bug 419310 ***