From 017d20b8f56c2cc9279558f3363d35816fd5c7d3 Mon Sep 17 00:00:00 2001 From: Andreas Sturmlechner Date: Tue, 29 Sep 2020 00:38:40 +0200 Subject: kde-frameworks/kio: kio_trash: remove too strict permission check Fixes an upstream Gentoo user report from 2004. Upstream commit 03bcb3d3ff89074a68839b6ebeb8030ef0ee4fd1 KDE-Bug: https://bugs.kde.org/show_bug.cgi?id=76380 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: Andreas Sturmlechner --- ...o-5.74.1-kio_trash-too-strict-perms-check.patch | 67 ++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 kde-frameworks/kio/files/kio-5.74.1-kio_trash-too-strict-perms-check.patch (limited to 'kde-frameworks/kio/files') diff --git a/kde-frameworks/kio/files/kio-5.74.1-kio_trash-too-strict-perms-check.patch b/kde-frameworks/kio/files/kio-5.74.1-kio_trash-too-strict-perms-check.patch new file mode 100644 index 000000000000..d0b0ca0769cc --- /dev/null +++ b/kde-frameworks/kio/files/kio-5.74.1-kio_trash-too-strict-perms-check.patch @@ -0,0 +1,67 @@ +From 03bcb3d3ff89074a68839b6ebeb8030ef0ee4fd1 Mon Sep 17 00:00:00 2001 +From: David Faure +Date: Fri, 11 Sep 2020 11:54:09 +0200 +Subject: [PATCH] kio_trash: remove unnecessarily strict permission check + +Tested with `chmod 0770 /d/.Trash-1000` (where /d is a mount point), +kio_trash complained about security checks before this commit, +and works with it. + +Also tested with a USB key which ends up mounted as +type vfat (rw,nosuid,nodev,relatime,uid=1000,gid=100,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,showexec,utf8,flush,errors=remount-ro,uhelper=udisks2). After kio_trash creates .Trash-1000 +it complained about a "strange filesystem", and while this is still true :), +the removal of the code in TrashImpl::initTrashDirectory makes +the trash dir on the USB key usable. + +BUG: 76380 +FIXED-IN: 5.74 +--- + src/ioslaves/trash/trashimpl.cpp | 25 ++++--------------------- + 1 file changed, 4 insertions(+), 21 deletions(-) + +diff --git a/src/ioslaves/trash/trashimpl.cpp b/src/ioslaves/trash/trashimpl.cpp +index b1ba87a4..9ec7cc7a 100644 +--- a/src/ioslaves/trash/trashimpl.cpp ++++ b/src/ioslaves/trash/trashimpl.cpp +@@ -1210,9 +1210,9 @@ QString TrashImpl::trashForMountPoint(const QString &topdir, bool createIfNeeded + const QByteArray trashDir_c = QFile::encodeName(trashDir); + if (QT_LSTAT(trashDir_c.constData(), &buff) == 0) { + if ((buff.st_uid == uid) // must be owned by user +- && (S_ISDIR(buff.st_mode)) // must be a dir +- && (!S_ISLNK(buff.st_mode)) // not a symlink +- && ((buff.st_mode & 0777) == 0700)) { // rwx for user, ------ for group and others ++ && S_ISDIR(buff.st_mode) // must be a dir ++ && !S_ISLNK(buff.st_mode) // not a symlink ++ && ((buff.st_mode & 0700) == 0700)) { // and we need write access to it + + if (checkTrashSubdirs(trashDir_c)) { + return trashDir; +@@ -1248,24 +1248,7 @@ bool TrashImpl::initTrashDirectory(const QByteArray &trashDir_c) const + return false; + } + //qCDebug(KIO_TRASH); +- // This trash dir will be useable only if the directory is owned by user. +- // In theory this is the case, but not on e.g. USB keys... +- uid_t uid = getuid(); +- QT_STATBUF buff; +- if (QT_LSTAT(trashDir_c.constData(), &buff) != 0) { +- return false; // huh? +- } +- if ((buff.st_uid == uid) // must be owned by user +- && ((buff.st_mode & 0777) == 0700)) { // rwx for user, --- for group and others +- +- return checkTrashSubdirs(trashDir_c); +- +- } else { +- qCWarning(KIO_TRASH) << trashDir_c << "just created, by it doesn't have the right permissions, probably some strange unsupported filesystem"; +- ::rmdir(trashDir_c.constData()); +- return false; +- } +- return true; ++ return checkTrashSubdirs(trashDir_c); + } + + bool TrashImpl::checkTrashSubdirs(const QByteArray &trashDir_c) const +-- +GitLab + -- cgit v1.2.3-65-gdbad