pool/kate
SHA256
5
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6c29797128
kate/0001-Defuse-root-block.patch

41 lines
2.1 KiB
Diff
Raw Blame History

From 435ed5853b9451ab8fdfff722545c57a8f154625 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Sat, 18 Feb 2017 13:49:14 +0100
Subject: [PATCH] Defuse root block
While the main point is correct as any application running in the same
X session (not sandboxed) can use kate's capability to open a console,
we allow (even encourage) running YaST on X11 as root.
That way it's only an impact on usability.
---
kate/main.cpp | 3 +--
kwrite/main.cpp | 3 +--
2 files changed, 2 insertions(+), 4 deletions(-)
Index: kate-19.11.70git.20210802T211844~84f9368ef/kate/main.cpp
===================================================================
--- kate-19.11.70git.20210802T211844~84f9368ef.orig/kate/main.cpp 2021-08-02 21:18:44.000000000 +0200
+++ kate-19.11.70git.20210802T211844~84f9368ef/kate/main.cpp 2021-08-03 23:05:03.494438867 +0200
@@ -48,19 +48,8 @@
#if !defined(Q_OS_WIN) && !defined(Q_OS_HAIKU)
// Prohibit using sudo or kdesu (but allow using the root user directly)
if (getuid() == 0) {
- if (!qEnvironmentVariableIsEmpty("SUDO_USER")) {
- std::cout << "Executing Kate with sudo is not possible due to unfixable security vulnerabilities. "
- "It is also not necessary; simply use Kate normally, and you will be prompted for "
- "elevated privileges when saving documents if needed."
- << std::endl;
- return EXIT_FAILURE;
- } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) {
- std::cout << "Executing Kate with kdesu is not possible due to unfixable security vulnerabilities. "
- "It is also not necessary; simply use Kate normally, and you will be prompted for "
- "elevated privileges when saving documents if needed."
- << std::endl;
- return EXIT_FAILURE;
- }
+ std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl;
+ std::cout << "SUDO_EDITOR=kwrite sudoedit <file>" << std::endl;
}
#endif
/**
Reference in New Issue View Git Blame Copy Permalink