Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/kde-apps/dolphin/files
diff options
context:
space:
mode:
Diffstat (limited to 'kde-apps/dolphin/files')
-rw-r--r--kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch56
-rw-r--r--kde-apps/dolphin/files/dolphin-18.04.3-root-warn.patch45
2 files changed, 101 insertions, 0 deletions
diff --git a/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch b/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch
new file mode 100644
index 000000000000..04baafa1d8e8
--- /dev/null
+++ b/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch
@@ -0,0 +1,56 @@
+From 40453cb627a39f1ff92373f865426f0bcdc83419 Mon Sep 17 00:00:00 2001
+From: Nathaniel Graham <nate@kde.org>
+Date: Wed, 9 May 2018 17:18:08 -0600
+Subject: Re-allow running Dolphin as the root user (but still not using sudo)
+
+Summary:
+Prohibiting the use of Dolphin as the actual root user (not using `sudo` or `kdesu`) breaks legitimate use cases for using the root user. An example is Kali, a distro that logs in as the root user by default as a deliberate design choice.
+
+In such an environment, there is no additional security vulnerability beyond what you're already potentially exposing yourself to. So, let's re-enable it.
+
+BUG: 387974
+FIXED-IN: 18.08.0
+
+Test Plan:
+- Log in as normal user and run `sudo dolphin`: you get an error message.
+- Log in as normal user and run `kdesu dolphin`: you get an error message.
+- Log in as the root user and run dolphin normally: it works.
+
+Reviewers: markg, elvisangelaccio, #dolphin
+
+Reviewed By: markg
+
+Subscribers: chinmoyr, cfeck, elvisangelaccio, mmustac, Fuchs, markg, graesslin, nicolasfella, zzag, kfm-devel, emmanuelp
+
+Tags: #dolphin
+
+Differential Revision: https://phabricator.kde.org/D12795
+---
+ src/main.cpp | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/src/main.cpp b/src/main.cpp
+index db52e11..75bab67 100644
+--- a/src/main.cpp
++++ b/src/main.cpp
+@@ -43,10 +43,15 @@
+ extern "C" Q_DECL_EXPORT int kdemain(int argc, char **argv)
+ {
+ #ifndef Q_OS_WIN
+- // Check whether we are running as root
++ // Prohibit using sudo or kdesu (but allow using the root user directly)
+ if (getuid() == 0) {
+- std::cout << "Executing Dolphin as root is not possible." << std::endl;
+- return EXIT_FAILURE;
++ if (!qEnvironmentVariableIsEmpty("SUDO_USER")) {
++ std::cout << "Executing Dolphin with sudo is not possible due to unfixable security vulnerabilities." << std::endl;
++ return EXIT_FAILURE;
++ } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) {
++ std::cout << "Executing Dolphin with kdesu is not possible due to unfixable security vulnerabilities." << std::endl;
++ return EXIT_FAILURE;
++ }
+ }
+ #endif
+
+--
+cgit v0.11.2
diff --git a/kde-apps/dolphin/files/dolphin-18.04.3-root-warn.patch b/kde-apps/dolphin/files/dolphin-18.04.3-root-warn.patch
new file mode 100644
index 000000000000..bd6e2ab0d815
--- /dev/null
+++ b/kde-apps/dolphin/files/dolphin-18.04.3-root-warn.patch
@@ -0,0 +1,45 @@
+From 621cd24acfec8cbed19e9aa6ff8650cd6f38f809 Mon Sep 17 00:00:00 2001
+From: Nathaniel Graham <nate@kde.org>
+Date: Sun, 6 May 2018 17:48:54 -0600
+Subject: Show a warning when running as the root user
+
+Summary: Now that Dolphin can be run as the root user again, let's show a warning.
+
+Test Plan:
+When run with the root user account:
+{F5882057}
+
+Reviewers: #dolphin, markg, elvisangelaccio
+
+Reviewed By: markg, elvisangelaccio
+
+Subscribers: acooligan, anthonyfieroni, chinmoyr, kfm-devel, rikmills, emmanuelp, zzag, nicolasfella, elvisangelaccio, Fuchs, mmustac, markg
+
+Tags: #dolphin
+
+Differential Revision: https://phabricator.kde.org/D12732
+---
+ src/dolphinviewcontainer.cpp | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/dolphinviewcontainer.cpp b/src/dolphinviewcontainer.cpp
+index bf8ac88..7b99595 100644
+--- a/src/dolphinviewcontainer.cpp
++++ b/src/dolphinviewcontainer.cpp
+@@ -108,6 +108,14 @@ DolphinViewContainer::DolphinViewContainer(const QUrl& url, QWidget* parent) :
+ m_messageWidget->setCloseButtonVisible(true);
+ m_messageWidget->hide();
+
++#ifndef Q_OS_WIN
++ if (getuid() == 0) {
++
++ // We must be logged in as the root user; show a big scary warning
++ showMessage(i18n("Running Dolphin as root can be dangerous. Please be careful."), Warning);
++ }
++#endif
++
+ m_view = new DolphinView(url, this);
+ connect(m_view, &DolphinView::urlChanged,
+ m_urlNavigator, &KUrlNavigator::setLocationUrl);
+--
+cgit v0.11.2