https://bugs.kde.org/show_bug.cgi?id=443590
Bug ID: 443590 Summary: There's no way with LSP client plugin to avoid language server in untrusted projects Product: kate Version: 21.08.1 Platform: Other OS: Linux Status: REPORTED Severity: normal Priority: NOR Component: general Assignee: kwrite-bugs-n...@kde.org Reporter: dennis.lis...@gmail.com Target Milestone: --- Some language servers / ecosystems run unsandboxed code by default. One example here is Rust's RLS and rust-analyzer servers because compiling dependencies may require calling build scripts or procedural macros. A malicious developer can create a repository that, when a language server is started for it, executes arbitrary malicious code on the developer's machine without any sandbox (or, best case, in Kate's sandbox if there's one). At the moment there's no nice way to use language server in trusted projects, but still be able to open a random cloned repository with Kate without this risk. Ideally a user should be able to open projects as untrusted by default, and only enable the language server if they mark the project as trusted. Notably, this mark should be local so that a malicious repository cannot mark itself trusted. -- You are receiving this mail because: You are watching all bug changes.