diff options
Diffstat (limited to 'kde-apps/kwrite')
| -rw-r--r-- | kde-apps/kwrite/Manifest | 1 | ||||
| -rw-r--r-- | kde-apps/kwrite/files/kwrite-18.04.3-root-user.patch | 62 | ||||
| -rw-r--r-- | kde-apps/kwrite/kwrite-18.04.3.ebuild | 52 |
3 files changed, 0 insertions, 115 deletions
diff --git a/kde-apps/kwrite/Manifest b/kde-apps/kwrite/Manifest index b175f82de8da..784a3655e7a2 100644 --- a/kde-apps/kwrite/Manifest +++ b/kde-apps/kwrite/Manifest @@ -1,2 +1 @@ -DIST kate-18.04.3.tar.xz 5639892 BLAKE2B 76b36061ec758964e3644fc3893069791e060566646eb03ce0bb6ed04c6c2707f5f48240887078e309128f09e3316ee1bb7076063a8d937d1c4ee67e1dedc906 SHA512 7a41ef21e28e275a448fa80f6d6a7890e221669343c30f946a4522e7f9b4812407ff5b168939508568ce17965fa2dea965aa63062f4fe059a2612021f877694e DIST kate-18.08.3.tar.xz 5664744 BLAKE2B 6645600156844c52ca8162bec98f107b45f8f4040aa94adbcf51470fb0102c300fb6755b6d6fb6bd856e6792ce770cae72d3675a2ac7fe0519f0c18d4df70e7e SHA512 08eee6b06d0fc0272b8ed73b6100e9afce07596ddab09337309f31709db4dac022e36591228eb1c06e65c064f7ea8bc18bf77fca30962fd277560b35081402a3 diff --git a/kde-apps/kwrite/files/kwrite-18.04.3-root-user.patch b/kde-apps/kwrite/files/kwrite-18.04.3-root-user.patch deleted file mode 100644 index 5bbf2da605ea..000000000000 --- a/kde-apps/kwrite/files/kwrite-18.04.3-root-user.patch +++ /dev/null @@ -1,62 +0,0 @@ -From bf6d5b7532968763bdc629aa90426c53500af13f Mon Sep 17 00:00:00 2001 -From: Nathaniel Graham <nate@kde.org> -Date: Sat, 26 May 2018 14:50:24 -0600 -Subject: Re-allow running Kate and KWrite as the actual root user (but still - not using sudo) - -Summary: -The original change (9adcebd3c2e476c8a32e9b455cc99f46b0e12a7e) to prevent sudo usage broke the use case of running KWrite or Kate while logged in as the actual `root` user with a GUI session. This is how the Kali distro is set up by default, so the original change amounted to making Kate and KWrite not launch at all on this KDE distro. - -This patch re-enables running as the actual root user, but keeps blocking usage via `sudo` or `kdesu`. There are no negative security implications associated with re-allowing usage via the root user, since if you're running a GUI session, you were already exposed to the original security threat and Kate and KWrite do not increase the attack surface. - -I have submitted a similar change for Dolphin that has been accepted (D12795), but @elvisangelaccio wants that to go in at the same time as this, to keep them in sync. - -BUG: 387973 -FIXED-IN: 18.08.0 - -Test Plan: -- Log in as normal user and run `sudo kate` or `sudo kwrite`: you get an error message. -- Log in as normal user and run `kdesu kate` or `kdesu kwrite`: you get an error message. -- Log in as the root user and run Kate or KWrite normally: it works. - -Reviewers: #kate, dhaumann, cullmann, #ktexteditor - -Reviewed By: #kate, dhaumann, #ktexteditor - -Subscribers: kwrite-devel, elvisangelaccio - -Tags: #kate - -Differential Revision: https://phabricator.kde.org/D13138 ---- - kwrite/main.cpp | 14 ++++++++------ - 2 files changed, 16 insertions(+), 12 deletions(-) - -diff --git a/kwrite/main.cpp b/kwrite/main.cpp -index 62f4f2d..d3f3ca9 100644 ---- a/kwrite/main.cpp -+++ b/kwrite/main.cpp -@@ -50,13 +50,15 @@ - extern "C" Q_DECL_EXPORT int main(int argc, char **argv) - { - #ifndef Q_OS_WIN -- /** -- * Check whether we are running as root -- **/ -+ // Prohibit using sudo or kdesu (but allow using the root user directly) - if (getuid() == 0) { -- std::cout << "Executing KWrite as root is not possible. To edit files as root use:" << std::endl; -- std::cout << "SUDO_EDITOR=kwrite sudoedit <file>" << std::endl; -- return 0; -+ if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { -+ std::cout << "Executing Kate with sudo is not possible due to unfixable security vulnerabilities." << std::endl; -+ return EXIT_FAILURE; -+ } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { -+ std::cout << "Executing Kate with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; -+ return EXIT_FAILURE; -+ } - } - #endif - /** --- -cgit v0.11.2 diff --git a/kde-apps/kwrite/kwrite-18.04.3.ebuild b/kde-apps/kwrite/kwrite-18.04.3.ebuild deleted file mode 100644 index a4c814923cc2..000000000000 --- a/kde-apps/kwrite/kwrite-18.04.3.ebuild +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -KMNAME="kate" -KDE_HANDBOOK="optional" -inherit kde5 - -DESCRIPTION="KDE simple text editor" -HOMEPAGE="https://www.kde.org/applications/utilities/kwrite" -KEYWORDS="amd64 x86" - -DEPEND=" - $(add_frameworks_dep kactivities) - $(add_frameworks_dep kconfig) - $(add_frameworks_dep kconfigwidgets) - $(add_frameworks_dep kcoreaddons) - $(add_frameworks_dep kcrash) - $(add_frameworks_dep kdbusaddons) - $(add_frameworks_dep ki18n) - $(add_frameworks_dep kio) - $(add_frameworks_dep kjobwidgets) - $(add_frameworks_dep kparts) - $(add_frameworks_dep ktexteditor) - $(add_frameworks_dep kwidgetsaddons) - $(add_frameworks_dep kxmlgui) - $(add_qt_dep qtgui) - $(add_qt_dep qtwidgets) -" -RDEPEND="${DEPEND}" - -PATCHES=( "${FILESDIR}/${PN}-18.04.3-root-user.patch" ) - -src_prepare() { - kde5_src_prepare - # delete colliding kate translations - if [[ ${KDE_BUILD_TYPE} = release ]]; then - find po -type f -name "*po" -and -not -name "kwrite*" -delete || die - rm -rf po/*/docs/kate* || die - fi -} - -src_configure() { - local mycmakeargs=( - -DBUILD_addons=FALSE - -DBUILD_kate=FALSE - ) - use handbook && mycmakeargs+=( -DBUILD_katepart=FALSE ) - - kde5_src_configure -} |