Follow-up from "kns: Get the distributor name from attica rather than from KNS"
From !343 (merged)
I don't see any configuration UI to change the URL in Discover.
Right, it comes from knsrc files, you will see they contain a `ProvidersUrl` file. A way to attack would be to place a new knsrc file in your system that pointed to a malicious system. Note that user directories are also allowed to play here.

Another vector would be to override `ProvidersUrl` from kdeglobals, as knewstuff is designed to do that, because while we don't have such a kcm, it's designed to have it.
These are fairly significant security holes.
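
A defender's audit of the two places mentioned above (knsrc files and a kdeglobals override), as an added example that is not part of the original issue or of KNewStuff's code: it collects every `ProvidersUrl` entry and flags any that is not HTTPS or whose host is not on an allowlist. The host names, file labels and the kdeglobals group name are constructed placeholders.

```python
from urllib.parse import urlsplit

# Assumption: the hosts your distribution's shipped knsrc files should use.
TRUSTED_HOSTS = {"store.example.org"}

def providers_urls(text):
    """Yield (group, url) for every ProvidersUrl entry in KConfig-style text."""
    group = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            group = line
            continue
        key, sep, value = line.partition("=")
        # KConfig keys may carry suffixes such as [$i] or [$e]; drop them.
        if sep and key.split("[", 1)[0].strip() == "ProvidersUrl":
            yield group, value.strip()

def audit(files, trusted=TRUSTED_HOSTS):
    """files maps a path label to file contents; returns a list of findings."""
    findings = []
    for path, text in files.items():
        for _group, url in providers_urls(text):
            parts = urlsplit(url)
            if parts.scheme != "https":
                findings.append((path, url, "not https"))
            elif parts.hostname not in trusted:
                findings.append((path, url, "untrusted host"))
    return findings

# Constructed sample input: one shipped file, one user-directory knsrc file,
# and a kdeglobals override (its group name is a placeholder).
SAMPLE = {
    "system/example.knsrc":
        "[KNewStuff3]\nProvidersUrl=https://store.example.org/ocs/providers.xml\n",
    "user/example.knsrc":
        "[KNewStuff3]\nProvidersUrl=https://mirror.example.net/providers.xml\n",
    "user/kdeglobals":
        "[PlaceholderGroup]\nProvidersUrl[$i]=http://store.example.org/ocs/providers.xml\n",
}

if __name__ == "__main__":
    for path, url, reason in audit(SAMPLE):
        print(f"{path}: {url} ({reason})")
```

In practice, feed `audit` the contents of every knsrc file and kdeglobals found in the system and per-user configuration directories, since the user directories are consulted as well.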