rpm/kate
SHA256
1
0
Fork 0
forked from pool/kate
Code Pull Requests Activity

Accepting request 496375 from home:Vogtinator:branches:KDE:Applications

Browse Source 
- Add patch to defuse root block:
  * 0001-Defuse-root-block.patch

OBS-URL: https://build.opensuse.org/request/show/496375
OBS-URL: https://build.opensuse.org/package/show/KDE:Applications/kate?expand=0&rev=74
This commit is contained in:
Luca Beltrame 2017-05-18 19:18:32 +00:00 committed by Git OBS Bridge
parent d9df5e03b6
commit 11486f88eb
3 changed files with 56 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
0001-Defuse-root-block.patch Normal file
View File

@ -0,0 +1,47 @@
From 435ed5853b9451ab8fdfff722545c57a8f154625 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Sat, 18 Feb 2017 13:49:14 +0100
Subject: [PATCH] Defuse root block
While the main point is correct as any application running in the same
X session (not sandboxed) can use kate's capability to open a console,
we allow (even encourage) running YaST on X11 as root.
That way it's only an impact on usability.
---
kate/main.cpp | 3 +--
kwrite/main.cpp | 3 +--
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/kate/main.cpp b/kate/main.cpp
index 342cd5db3..4845646aa 100644
--- a/kate/main.cpp
+++ b/kate/main.cpp
@@ -64,9 +64,8 @@ int main(int argc, char **argv)
* Check whether we are running as root
**/
if (getuid() == 0) {
- std::cout << "Executing Kate as root is not possible. To edit files as root use:" << std::endl;
+ std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl;
std::cout << "SUDO_EDITOR=kate sudoedit <file>" << std::endl;
- return 0;
}
#endif
/**
diff --git a/kwrite/main.cpp b/kwrite/main.cpp
index 68a055edb..4937f72d3 100644
--- a/kwrite/main.cpp
+++ b/kwrite/main.cpp
@@ -54,9 +54,8 @@ extern "C" Q_DECL_EXPORT int main(int argc, char **argv)
* Check whether we are running as root
**/
if (getuid() == 0) {
- std::cout << "Executing KWrite as root is not possible. To edit files as root use:" << std::endl;
+ std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl;
std::cout << "SUDO_EDITOR=kwrite sudoedit <file>" << std::endl;
- return 0;
}
#endif
/**
--
2.12.2

6
kate.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu May 18 18:29:45 UTC 2017 - fabian@ritter-vogt.de
- Add patch to defuse root block:
* 0001-Defuse-root-block.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Wed May 17 20:35:54 CEST 2017 - lbeltrame@kde.org Wed May 17 20:35:54 CEST 2017 - lbeltrame@kde.org

3
kate.spec
View File

@ -30,6 +30,8 @@ License: GPL-2.0+
Group: Productivity/Editors/Other Group: Productivity/Editors/Other
Url: http://www.kde.org Url: http://www.kde.org
Source0: %{name}-%{version}.tar.xz Source0: %{name}-%{version}.tar.xz
# PATCH-FIX-OPENSUSE
Patch0: 0001-Defuse-root-block.patch
BuildRequires: kactivities5-devel BuildRequires: kactivities5-devel
BuildRequires: kconfig-devel BuildRequires: kconfig-devel
BuildRequires: kcrash-devel BuildRequires: kcrash-devel
@ -93,6 +95,7 @@ plugins and data files for Kate and KWrite editors.
%prep %prep
%setup -q %setup -q
%patch0 -p1
%build %build
%cmake_kf5 -d build %cmake_kf5 -d build