From c849cf8e8865998487e2b5ba613dda2705767960 Mon Sep 17 00:00:00 2001
From: Remco Burema <r.burema@ultimaker.com>
Date: Fri, 7 Jan 2022 19:12:36 +0100
Subject: [PATCH] Refuse to listen to QT_PLUGIN_PATH.

We don't need it ourselves, and it's a potentially serious attack vector.

CURA-8475
---
 cura_app.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cura_app.py b/cura_app.py
index 57692ec0ae..0a63db9376 100755
--- a/cura_app.py
+++ b/cura_app.py
@@ -15,6 +15,7 @@ if "" in sys.path:
 import argparse
 import faulthandler
 import os
+os.environ["QT_PLUGIN_PATH"] = ""  # Security workaround: Don't need it, and introduces an attack vector, so set to nul.
 
 from PyQt5.QtNetwork import QSslConfiguration, QSslSocket