diff options
Diffstat (limited to 'kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch')
-rw-r--r-- | kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch b/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch new file mode 100644 index 000000000000..04baafa1d8e8 --- /dev/null +++ b/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch @@ -0,0 +1,56 @@ +From 40453cb627a39f1ff92373f865426f0bcdc83419 Mon Sep 17 00:00:00 2001 +From: Nathaniel Graham <nate@kde.org> +Date: Wed, 9 May 2018 17:18:08 -0600 +Subject: Re-allow running Dolphin as the root user (but still not using sudo) + +Summary: +Prohibiting the use of Dolphin as the actual root user (not using `sudo` or `kdesu`) breaks legitimate use cases for using the root user. An example is Kali, a distro that logs in as the root user by default as a deliberate design choice. + +In such an environment, there is no additional security vulnerability beyond what you're already potentially exposing yourself to. So, let's re-enable it. + +BUG: 387974 +FIXED-IN: 18.08.0 + +Test Plan: +- Log in as normal user and run `sudo dolphin`: you get an error message. +- Log in as normal user and run `kdesu dolphin`: you get an error message. +- Log in as the root user and run dolphin normally: it works. + +Reviewers: markg, elvisangelaccio, #dolphin + +Reviewed By: markg + +Subscribers: chinmoyr, cfeck, elvisangelaccio, mmustac, Fuchs, markg, graesslin, nicolasfella, zzag, kfm-devel, emmanuelp + +Tags: #dolphin + +Differential Revision: https://phabricator.kde.org/D12795 +--- + src/main.cpp | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/main.cpp b/src/main.cpp +index db52e11..75bab67 100644 +--- a/src/main.cpp ++++ b/src/main.cpp +@@ -43,10 +43,15 @@ + extern "C" Q_DECL_EXPORT int kdemain(int argc, char **argv) + { + #ifndef Q_OS_WIN +- // Check whether we are running as root ++ // Prohibit using sudo or kdesu (but allow using the root user directly) + if (getuid() == 0) { +- std::cout << "Executing Dolphin as root is not possible." << std::endl; +- return EXIT_FAILURE; ++ if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { ++ std::cout << "Executing Dolphin with sudo is not possible due to unfixable security vulnerabilities." << std::endl; ++ return EXIT_FAILURE; ++ } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { ++ std::cout << "Executing Dolphin with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; ++ return EXIT_FAILURE; ++ } + } + #endif + +-- +cgit v0.11.2 |