Bug 419308 - Krunner: Security concerns
Summary: Krunner: Security concerns
Status: RESOLVED DUPLICATE of bug 419310
Alias: None
Product: krunner
Classification: Plasma
Component: general (show other bugs)
Version: unspecified
Platform: Other Linux
: NOR major
Target Milestone: ---
Assignee: Kai Uwe Broulik
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-27 19:52 UTC by Gabriel Fernandes
Modified: 2020-03-27 22:29 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Gabriel Fernandes 2020-03-27 19:52:48 UTC 
Please, take a look at the post, it explains the problem and things it might cause
https://www.reddit.com/r/kde/comments/fpqbi2/krunner_and_kickoff_security_concerns/

I would like to suggest Krunner to only execute files from the PATH, from the plugin "Command Line" and not files that were brought by other plugins like "Recent Documents"
Comment 1 David Edmundson 2020-03-27 22:29:51 UTC 
Lets just have one report

It's the same KRun(url)

*** This bug has been marked as a duplicate of bug 419310 ***