While this doesn’t appear to have been deliberate, it’s a sobering reminder of how simple it would be to inject some malicious code in themes or widgets.
The theme was called Grey Layout, and it has already been removed from the KDE store.
I just installed this Global Theme, innocently (Global Themes → Add New…)
It DELETES all your USER mounted drives data. It executes rm -rf on your behalf, deletes all personal data immediately. No questions asked.
A reply from a top KDE dev:
This particular theme has been removed. Too dangerous to live. We’re discussing a path forward for making sure this kind of thing can’t happen.
Most people would consider adding a theme (or widget) to be a perfectly safe, simple addition to their desktop. Be careful about blindly trusting things.
Important reminder. Plasma-store items have access to the CLI. Use common sense™ and treat it like the AUR. Check the description, reviews, ratings, age, … Source code should be provided but isn’t reviewed, so if possible take a quick look yourself. No source code, no installation!
How frequently rm -rf is used in the system specifically?
Is it configurable somewhere to make rm with specifically -rf to ask for root?
While it is weird to see such issue in the themes, I don’t think that it cannot pop up somewhere else.
Not sure if this is the most effective way but you could always alias rm to rm -i for it to require user intervention before the command is actually executed.
rm --help
-i prompt before every removal
Edit: Don’t know how to configure it in this way when you use sudo. Perhaps other more advanced users may be able to provide some insight.
Thanks for this. I have no additional KDE theme installed but when reading something like this I am asking myself if this could also have happened to me.
Fortunately, I am very reluctant to install anything which is not in the repos. If in AUR I usually check where this package comes from aso.
But, if I would like to install a theme which was uploaded by some user I would at least check how often this theme has been used already.
This also could be insufficient, of course. So what is the best way here? Just to not install any such theme (which is my way)?
Of course, this can delete your data and non-root backups on the mounted disk without root permission.
This would not affect your data if it in its btrfs snapshot in the same system.