Dropping one more comment, in case someone wants to give it a try: Apparmor profile transitions don't work if a seccomp filter has been installed before. This makes it probably rather difficult to integrate DrKonqi into an Apparmor policy.

In D8532#336584, @fvogt wrote:

AFAICT this won't actually protect much - the open DBus socket is enough to execute arbitrary programs.

The best design would be (IMO, not sure how well the current architecture fits) to have a fully sandboxed executable which can only communicate with baloo over a single socket.
Over that socket it receives a (read-only) file descriptor for the to be dissected file and then sends the result to baloo.

I'm just an interested user and cannot comment on the question of external plugins. But before this enters a deep sleep, I wonder if at least the current patch should find its way into the extractors or into kfilemetadata.

A whitelist, even if it is broad, would be desirable to reduce the attack surface of the kernel, and is also the way it has been done for Gnome Tracker. But the concerns about maintenance remain, it probably should be tested regularly. Are there ways this can be automated?