blob: ab606eebed99f69f7d5f6ce2c6fa72d35c496e23 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
From bbec74337b3186bc258bd5adf849b89191789535 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Fri, 29 Jan 2021 11:31:54 +0100
Subject: [PATCH] Don't let kglobalaccel run if KDE_SESSION_UID mismatches
Otherwise shortcuts execute actions as the wrong user.
---
src/runtime/main.cpp | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/runtime/main.cpp b/src/runtime/main.cpp
index d2917ad..46506b3 100644
--- a/src/runtime/main.cpp
+++ b/src/runtime/main.cpp
@@ -10,6 +10,8 @@
#include "kglobalacceld.h"
#include "logging_p.h"
+#include <unistd.h>
+
#include <KAboutData>
#include <KCrash>
#include <KDBusService>
@@ -57,6 +59,16 @@ extern "C" Q_DECL_EXPORT int main(int argc, char **argv)
return 0;
}
+ // It's possible that kglobalaccel gets started as the wrong user by
+ // accident, e.g. kdesu dolphin leads to dbus activation. It then installs
+ // its grabs and the actions are run as the wrong user.
+ bool isUidset = false;
+ const int sessionuid = qEnvironmentVariableIntValue("KDE_SESSION_UID", &isUidset);
+ if(isUidset && static_cast<uid_t>(sessionuid) != getuid()) {
+ qCWarning(KGLOBALACCELD) << "kglobalaccel running as wrong user, exiting.";
+ return 0;
+ }
+
KDBusService service(KDBusService::Unique);
app.setQuitOnLastWindowClosed(false);
--
GitLab
|