From c5bc6eabc2f77bc6e13356e81f931c6c5f9d06ab Mon Sep 17 00:00:00 2001 From: Eric Hameleers Date: Sun, 12 Aug 2018 13:17:59 +0200 Subject: Refresh the patches that allow dolphin and kate to run as root --- kde/patch/kate/kate_runasroot.patch | 79 ++++++++++++++++++------------------- 1 file changed, 38 insertions(+), 41 deletions(-) (limited to 'kde/patch/kate/kate_runasroot.patch') diff --git a/kde/patch/kate/kate_runasroot.patch b/kde/patch/kate/kate_runasroot.patch index 88dbbe9..07139c4 100644 --- a/kde/patch/kate/kate_runasroot.patch +++ b/kde/patch/kate/kate_runasroot.patch @@ -1,48 +1,45 @@ -From 435ed5853b9451ab8fdfff722545c57a8f154625 Mon Sep 17 00:00:00 2001 -From: Fabian Vogt -Date: Sat, 18 Feb 2017 13:49:14 +0100 -Subject: [PATCH] Defuse root block +The user gets to decide whether she wants to run kate as root. +Please developers, do not presume that a Slackware user is dumb. -While the main point is correct as any application running in the same -X session (not sandboxed) can use kate's capability to open a console, -we allow (even encourage) running YaST on X11 as root. -That way it's only an impact on usability. ---- - kate/main.cpp | 3 +-- - kwrite/main.cpp | 3 +-- - 2 files changed, 2 insertions(+), 4 deletions(-) - -diff --git a/kate/main.cpp b/kate/main.cpp -index 342cd5db3..4845646aa 100644 ---- a/kate/main.cpp -+++ b/kate/main.cpp -@@ -64,9 +64,8 @@ int main(int argc, char **argv) - * Check whether we are running as root - **/ +diff -uar kate-18.08.0.orig/kate/main.cpp kate-18.08.0/kate/main.cpp +--- kate-18.08.0.orig/kate/main.cpp 2018-08-06 22:41:28.000000000 +0200 ++++ kate-18.08.0/kate/main.cpp 2018-08-11 00:23:36.968895970 +0200 +@@ -61,14 +61,12 @@ + int main(int argc, char **argv) + { + #ifndef Q_OS_WIN +- // Prohibit using sudo or kdesu (but allow using the root user directly) ++ // Warn using sudo or kdesu (but allow using the root user directly) if (getuid() == 0) { -- std::cout << "Executing Kate as root is not possible. To edit files as root use:" << std::endl; -+ std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; - std::cout << "SUDO_EDITOR=kate sudoedit " << std::endl; -- return 0; + if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { +- std::cout << "Executing Kate with sudo is not possible due to unfixable security vulnerabilities." << std::endl; +- return EXIT_FAILURE; ++ std::cout << "Executing Kate with sudo is UNSAFE due to unfixable security vulnerabilities." << std::endl; + } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { +- std::cout << "Executing Kate with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; +- return EXIT_FAILURE; ++ std::cout << "Executing Kate with kdesu is UNSAFE due to unfixable security vulnerabilities." << std::endl; + } } #endif - /** -diff --git a/kwrite/main.cpp b/kwrite/main.cpp -index 68a055edb..4937f72d3 100644 ---- a/kwrite/main.cpp -+++ b/kwrite/main.cpp -@@ -54,9 +54,8 @@ extern "C" Q_DECL_EXPORT int main(int argc, char **argv) - * Check whether we are running as root - **/ +diff -uar kate-18.08.0.orig/kwrite/main.cpp kate-18.08.0/kwrite/main.cpp +--- kate-18.08.0.orig/kwrite/main.cpp 2018-08-06 22:41:28.000000000 +0200 ++++ kate-18.08.0/kwrite/main.cpp 2018-08-11 00:24:06.456910567 +0200 +@@ -50,14 +50,12 @@ + extern "C" Q_DECL_EXPORT int main(int argc, char **argv) + { + #ifndef Q_OS_WIN +- // Prohibit using sudo or kdesu (but allow using the root user directly) ++ // Warn using sudo or kdesu (but allow using the root user directly) if (getuid() == 0) { -- std::cout << "Executing KWrite as root is not possible. To edit files as root use:" << std::endl; -+ std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; - std::cout << "SUDO_EDITOR=kwrite sudoedit " << std::endl; -- return 0; + if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { +- std::cout << "Executing Kate with sudo is not possible due to unfixable security vulnerabilities." << std::endl; +- return EXIT_FAILURE; ++ std::cout << "Executing Kate with sudo is UNSAFE due to unfixable security vulnerabilities." << std::endl; + } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { +- std::cout << "Executing Kate with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; +- return EXIT_FAILURE; ++ std::cout << "Executing Kate with kdesu is UNSAFE due to unfixable security vulnerabilities." << std::endl; + } } #endif - /** --- -2.12.2 - - -- cgit v1.2.3