https://bugs.kde.org/show_bug.cgi?id=414289
Bug ID: 414289
Summary: KAuth helper improvements requested by the SUSE security team
Product: systemsettings
Version: unspecified
Platform: openSUSE RPMs
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: kcm_sddm
Assignee: k...@davidedmundson.co.uk
Reporter: fab...@ritter-vogt.de
Target Milestone: ---

Copy-pasting from https://bugzilla.opensuse.org/show_bug.cgi?id=1145182

a) and b) got fixed meanwhile.

c) SddmAuthHelper::save() and SddmAuthHelper::installtheme() both access potentially user-owned files (background files or theme archive files) without the necessary protection. For example, if a user downloads an image to /tmp, there is a danger that another user might play tricks with symlinks. Without `auth_admin` this would be completely unsafe. The only safe way to implement this would again be to drop privileges to the client user and safely copy the file away to some private location only accessible to root.

d) The README file in the repository is quite meaningless (it seems to contain build instructions). Installing it as part of the package makes no sense. Somebody could try to help upstream to add some actual documentation in there. It is a common theme with KDE packages that the documentation is lacking, and this is sad.

e) The API for SddmAuthHelper::uninstalltheme is unsuitably complex. It takes a full path to the theme to uninstall, and then the implementation tries hard to make sure this full path exactly points to a theme folder below /usr/share/sddm/themes. So the sane thing to do here would be to only expect the theme name to be removed, not a path in the first place.
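The two defensive patterns the report asks for, points c) and e), as an added C++ example that is not part of the KDE/SDDM code base or of the bug report. It assumes a privileged helper that receives a file path and a theme name from an unprivileged caller; the function names (`isValidThemeName`, `themePath`, `openUserFileChecked`, `copyToPrivateLocation`) are hypothetical, and only POSIX calls are used. The theme-name check replaces path validation with a single-component name check; the file path is opened with `O_NOFOLLOW`, and ownership and file type are verified with `fstat` on the descriptor already held, so the check cannot be raced between a `stat` and an `open`:

```cpp
// Added example (not from the KDE/SDDM code base): two defensive patterns for a
// privileged helper that must handle input supplied by an unprivileged caller.
#include <cerrno>
#include <cstdlib>
#include <cstring>
#include <string>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>

// (e) Accept a bare theme name, never a path. A valid name is exactly one path
// component: non-empty, no '/' or '\\', not "." or "..", printable ASCII only.
bool isValidThemeName(const std::string &name) {
    if (name.empty() || name.size() > 255) return false;
    if (name == "." || name == "..") return false;
    for (unsigned char c : name) {
        if (c == '/' || c == '\\' || c < 0x21 || c > 0x7e) return false;
    }
    return true;
}

// Build the on-disk path only after validation, so the result is always a
// direct child of the themes directory. Returns "" for a rejected name.
std::string themePath(const std::string &name,
                      const std::string &root = "/usr/share/sddm/themes") {
    if (!isValidThemeName(name)) return std::string();
    return root + "/" + name;
}

// (c) Open a caller-named file without following a symlink at the final
// component, then verify on the descriptor we hold (fstat, not stat, so the
// check cannot be raced) that it is a regular file owned by the calling user.
// Returns the open descriptor, or -1 on any failure.
int openUserFileChecked(const std::string &path, uid_t callerUid) {
    int fd = open(path.c_str(), O_RDONLY | O_NOFOLLOW | O_CLOEXEC | O_NOCTTY);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != callerUid) {
        close(fd);
        return -1;
    }
    return fd;
}

// Copy from an already-checked descriptor into a freshly created file. O_EXCL
// means we never write through a pre-existing path or link, and mode 0600 keeps
// the private copy readable by root only. A partial copy is removed again.
bool copyToPrivateLocation(int srcFd, const std::string &destPath) {
    int dst = open(destPath.c_str(),
                   O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (dst < 0) return false;
    char buf[65536];
    ssize_t n;
    bool ok = true;
    while (ok && (n = read(srcFd, buf, sizeof buf)) != 0) {
        if (n < 0) { ok = false; break; }
        for (ssize_t off = 0; off < n;) {
            ssize_t w = write(dst, buf + off, static_cast<size_t>(n - off));
            if (w < 0) { ok = false; break; }
            off += w;
        }
    }
    if (close(dst) != 0) ok = false;
    if (!ok) unlink(destPath.c_str());
    return ok;
}
```

`O_NOFOLLOW` only refuses a symlink at the last path component; directories on the way can still be under the caller's control. That is why the report recommends dropping privileges to the client user for the read: if the `open()` runs with the caller's effective uid (for example in a forked child after `setresuid`), the kernel enforces the caller's own directory permissions for the whole walk, and the `fstat` ownership check above becomes a second line of defence rather than the only one.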