452676 – No unconditional activation of all plugins for newly paired devices

Bug 452676 - No unconditional activation of all plugins for newly paired devices

Summary: No unconditional activation of all plugins for newly paired devices

Status:	REPORTED

Alias:	None

Product:	kdeconnect
Classification:	Applications
Component:	common (show other bugs)
Version:	unspecified
Platform:	unspecified Unspecified

Importance:	NOR wishlist
Target Milestone:	---
Assignee:	Albert Vaca Cintora

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-04-16 13:52 UTC by Paul Krause
Modified:	2022-04-16 13:52 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Paul Krause 2022-04-16 13:52:48 UTC

At the moment, each newly paired device has all plugins active on both paired devices.
It would be more secure, and a nice feature, if this would not be the case unconditionally.

Some extend of security is of course provided by the sandbox of flatpak, the permissions system on mobile phones. But in other cases a newly paired device can do anything on the other device (e.g. using the Run Commands plugin) that the pairing user can do.

Personally, I do not mind if there is no fine control, just a "No plugin activated by default" option. Likewise whether this is controlled by an option in the gui, for desktop devices by some configuration file, by a pop-up asking for preference at the time of pairing, or just plain hard-coded.

Many Thanks!