diff options
Diffstat (limited to 'kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch')
-rw-r--r-- | kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch | 56 |
1 files changed, 0 insertions, 56 deletions
diff --git a/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch b/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch deleted file mode 100644 index 04baafa1d8e8..000000000000 --- a/kde-apps/dolphin/files/dolphin-18.04.3-root-user.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 40453cb627a39f1ff92373f865426f0bcdc83419 Mon Sep 17 00:00:00 2001 -From: Nathaniel Graham <nate@kde.org> -Date: Wed, 9 May 2018 17:18:08 -0600 -Subject: Re-allow running Dolphin as the root user (but still not using sudo) - -Summary: -Prohibiting the use of Dolphin as the actual root user (not using `sudo` or `kdesu`) breaks legitimate use cases for using the root user. An example is Kali, a distro that logs in as the root user by default as a deliberate design choice. - -In such an environment, there is no additional security vulnerability beyond what you're already potentially exposing yourself to. So, let's re-enable it. - -BUG: 387974 -FIXED-IN: 18.08.0 - -Test Plan: -- Log in as normal user and run `sudo dolphin`: you get an error message. -- Log in as normal user and run `kdesu dolphin`: you get an error message. -- Log in as the root user and run dolphin normally: it works. - -Reviewers: markg, elvisangelaccio, #dolphin - -Reviewed By: markg - -Subscribers: chinmoyr, cfeck, elvisangelaccio, mmustac, Fuchs, markg, graesslin, nicolasfella, zzag, kfm-devel, emmanuelp - -Tags: #dolphin - -Differential Revision: https://phabricator.kde.org/D12795 ---- - src/main.cpp | 11 ++++++++--- - 1 file changed, 8 insertions(+), 3 deletions(-) - -diff --git a/src/main.cpp b/src/main.cpp -index db52e11..75bab67 100644 ---- a/src/main.cpp -+++ b/src/main.cpp -@@ -43,10 +43,15 @@ - extern "C" Q_DECL_EXPORT int kdemain(int argc, char **argv) - { - #ifndef Q_OS_WIN -- // Check whether we are running as root -+ // Prohibit using sudo or kdesu (but allow using the root user directly) - if (getuid() == 0) { -- std::cout << "Executing Dolphin as root is not possible." << std::endl; -- return EXIT_FAILURE; -+ if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { -+ std::cout << "Executing Dolphin with sudo is not possible due to unfixable security vulnerabilities." << std::endl; -+ return EXIT_FAILURE; -+ } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { -+ std::cout << "Executing Dolphin with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; -+ return EXIT_FAILURE; -+ } - } - #endif - --- -cgit v0.11.2 |