https://bugs.kde.org/show_bug.cgi?id=358593
Bug ID: 358593
Summary: kdeinit5 create /tmp/xauth-xxx-_y with inappropriate
permission.
Product: frameworks-kinit
Version: unspecified
Platform: Archlinux Packages
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
Assignee: fa...@kde.org
Reporter: archer_...@yahoo.co.jp
CC: kdelibs-b...@kde.org
I'm sorry if my English is hard to understand.
kdeinit5 create /tmp/xauth-xxx-_y with inappropriate permission, 644.
I think it should be 600.
---affected system---
Distro : ArchLinux
Qt version : 5.5.1 (I'm sorry, I haven't check the other versions on Arch.)
KDE version : 5.18.0 (The same as above)
--
---not affected system---
Distro : Kubuntu 15.10 LiveCD
Qt version : 5.4.2
KDE version : 5.15.0
--
Reproducible: Always
Steps to Reproduce:
1. Just login to plasma5. (I tried sddm and startx.)
Actual Results:
The permission of /tmp/xauth-xxx-_y is 644.
Expected Results:
The permission of /tmp/xauth-xxx-_y should be 600.
I'm newbie but I tried to read the source for my study.
I changed near the line 1536 of kinit-5.18.0/src/kdeinit/kinit.cpp.
---before---
if (!xauthfrom.open(QFile::ReadOnly) || !xauthfile.open(QFile::WriteOnly)
|| xauthfile.write(xauthfrom.readAll()) != xauthfrom.size() ||
!xauthfile.commit()) {
--
to
---after---
if (!xauthfrom.open(QFile::ReadOnly) || !xauthfile.open(QFile::WriteOnly) ||
!xauthfile.setPermissions( QFile::Permissions( QFile::ReadOwner |
QFile::WriteOwner ) )
|| xauthfile.write(xauthfrom.readAll()) != xauthfrom.size() ||
!xauthfile.commit()) {
--
And remove /tmp/xauth-xxx-_y and relogin, then the permission become 600.
I don't have enough ‎knowledge, so I can't determine this is valid solution or
not.
--
You are receiving this mail because:
You are watching all bug changes.