Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP5:Update
kate
0001-Defuse-root-block.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Defuse-root-block.patch of Package kate
From 52f948fe211fedc54c13c0baf067cd6d8e4cb0c3 Mon Sep 17 00:00:00 2001 From: Luca Beltrame <lbeltrame@kde.org> Date: Sun, 3 Apr 2022 09:26:48 +0200 Subject: [PATCH] Defuse root block While the main point is correct as any application running in the same X session (not sandboxed) can use kate's capability to open a console, we allow (even encourage) running YaST on X11 as root. That way it's only an impact on usability. --- apps/kate/main.cpp | 15 ++------------- apps/kwrite/main.cpp | 17 +++-------------- 2 files changed, 5 insertions(+), 27 deletions(-) Index: kate-19.11.70git.20220404T014944~1f6e53f72/apps/kate/main.cpp =================================================================== --- kate-19.11.70git.20220404T014944~1f6e53f72.orig/apps/kate/main.cpp 2022-04-04 03:49:44.000000000 +0200 +++ kate-19.11.70git.20220404T014944~1f6e53f72/apps/kate/main.cpp 2022-04-04 05:55:46.476883480 +0200 @@ -49,19 +49,8 @@ #if !defined(Q_OS_WIN) && !defined(Q_OS_HAIKU) // Prohibit using sudo or kdesu (but allow using the root user directly) if (getuid() == 0) { - if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { - std::cout << "Running Kate with sudo can cause bugs and expose you to security vulnerabilities. " - "Instead use Kate normally and you will be prompted for elevated privileges when " - "saving documents if needed." - << std::endl; - return EXIT_FAILURE; - } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { - std::cout << "Running Kate with kdesu can cause bugs and expose you to security vulnerabilities. " - "Instead use Kate normally and you will be prompted for elevated privileges when " - "saving documents if needed." - << std::endl; - return EXIT_FAILURE; - } + std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; + std::cout << "SUDO_EDITOR=kate sudoedit <file>" << std::endl; } #endif /** Index: kate-19.11.70git.20220404T014944~1f6e53f72/apps/kwrite/main.cpp =================================================================== --- kate-19.11.70git.20220404T014944~1f6e53f72.orig/apps/kwrite/main.cpp 2022-04-04 03:49:44.000000000 +0200 +++ kate-19.11.70git.20220404T014944~1f6e53f72/apps/kwrite/main.cpp 2022-04-04 05:57:17.276197192 +0200 @@ -27,19 +27,8 @@ #if !defined(Q_OS_WIN) && !defined(Q_OS_HAIKU) // Prohibit using sudo or kdesu (but allow using the root user directly) if (getuid() == 0) { - if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { - std::cout << "Running KWrite with sudo can cause bugs and expose you to security vulnerabilities. " - "Instead use KWrite normally and you will be prompted for elevated privileges when " - "saving documents if needed." - << std::endl; - return EXIT_FAILURE; - } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { - std::cout << "Running KWrite with kdesu can cause bugs and expose you to security vulnerabilities. " - "Instead use KWrite normally and you will be prompted for elevated privileges when " - "saving documents if needed." - << std::endl; - return EXIT_FAILURE; - } + std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; + std::cout << "SUDO_EDITOR=kwrite sudoedit <file>" << std::endl; } #endif
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor