Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2:Rings:1-MinimalX
kate
0001-Defuse-root-block.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Defuse-root-block.patch of Package kate
From 435ed5853b9451ab8fdfff722545c57a8f154625 Mon Sep 17 00:00:00 2001 From: Fabian Vogt <fabian@ritter-vogt.de> Date: Sat, 18 Feb 2017 13:49:14 +0100 Subject: [PATCH] Defuse root block While the main point is correct as any application running in the same X session (not sandboxed) can use kate's capability to open a console, we allow (even encourage) running YaST on X11 as root. That way it's only an impact on usability. --- kate/main.cpp | 3 +-- kwrite/main.cpp | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) Index: kate-19.03.60git.20190930T050110~1d9a68423/kate/main.cpp =================================================================== --- kate-19.03.60git.20190930T050110~1d9a68423.orig/kate/main.cpp 2019-09-30 05:01:10.000000000 +0200 +++ kate-19.03.60git.20190930T050110~1d9a68423/kate/main.cpp 2019-09-30 07:28:13.299460412 +0200 @@ -60,13 +60,8 @@ #ifndef Q_OS_WIN // Prohibit using sudo or kdesu (but allow using the root user directly) if (getuid() == 0) { - if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { - std::cout << "Executing Kate with sudo is not possible due to unfixable security vulnerabilities." << std::endl; - return EXIT_FAILURE; - } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { - std::cout << "Executing Kate with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; - return EXIT_FAILURE; - } + std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; + std::cout << "SUDO_EDITOR=kwrite sudoedit <file>" << std::endl; } #endif /** Index: kate-19.03.60git.20190930T050110~1d9a68423/kwrite/main.cpp =================================================================== --- kate-19.03.60git.20190930T050110~1d9a68423.orig/kwrite/main.cpp 2019-09-30 05:01:10.000000000 +0200 +++ kate-19.03.60git.20190930T050110~1d9a68423/kwrite/main.cpp 2019-09-30 07:28:13.299460412 +0200 @@ -54,13 +54,8 @@ #ifndef Q_OS_WIN // Prohibit using sudo or kdesu (but allow using the root user directly) if (getuid() == 0) { - if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { - std::cout << "Executing KWrite with sudo is not possible due to unfixable security vulnerabilities." << std::endl; - return EXIT_FAILURE; - } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { - std::cout << "Executing KWrite with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; - return EXIT_FAILURE; - } + std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; + std::cout << "SUDO_EDITOR=kwrite sudoedit <file>" << std::endl; } #endif
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor