Re: kio-admin in kdereview
El dimecres, 12 d’octubre de 2022, a les 10:40:45 (CEST), Harald Sitter va escriure: > Hola > > kio-admin implements an admin worker that gives root level access to > the file system > > https://invent.kde.org/system/kio-admin Can you please have a look at the MR I created? Cheers, Albert > > HS
Re: kio-admin in kdereview
On Sat, Oct 15, 2022 at 9:29 PM Albert Astals Cid wrote: > > El divendres, 14 d’octubre de 2022, a les 10:34:04 (CEST), Harald Sitter va > escriure: > > On Thu, Oct 13, 2022 at 10:32 PM Albert Astals Cid wrote: > > > El dijous, 13 d’octubre de 2022, a les 1:03:53 (CEST), Harald Sitter va > > > > > > escriure: > > > > On Thu, Oct 13, 2022 at 12:46 AM Albert Astals Cid > wrote: > > > > > Did I misunderstood the code? It looks like this run all of kio with > > > > > root > > > > > powers? > > > > > > > > That is correct > > > > > > That feels like a reasonably big no no with my security hat. > > > > > > I'm relatively sure we have not audited all of KIO and it's dependencies > > > to be "running as root"-safe. > > > > It is scary to be sure, but then the user has to opt into shooting in the > > foot. > > How much of that opt in message mentions potential security issues? None. Just like with kdesu and kdesudo it's merely by virtue of the authentication dialog that the user opts into any security concerns. HS
Re: kio-admin in kdereview
El divendres, 14 d’octubre de 2022, a les 10:34:04 (CEST), Harald Sitter va escriure: > On Thu, Oct 13, 2022 at 10:32 PM Albert Astals Cid wrote: > > El dijous, 13 d’octubre de 2022, a les 1:03:53 (CEST), Harald Sitter va > > > > escriure: > > > On Thu, Oct 13, 2022 at 12:46 AM Albert Astals Cid wrote: > > > > Did I misunderstood the code? It looks like this run all of kio with > > > > root > > > > powers? > > > > > > That is correct > > > > That feels like a reasonably big no no with my security hat. > > > > I'm relatively sure we have not audited all of KIO and it's dependencies > > to be "running as root"-safe. > > It is scary to be sure, but then the user has to opt into shooting in the > foot. How much of that opt in message mentions potential security issues? > > What's the use case of this against the kauth support in file_unix.cpp ? > > The latter doesn't exist :( There is a great deal of code that does auth stuff, it's just preceded by a // temporarily disable privilege execution Does anyone know what's the deal with that? Because if the code is good we should enable it, and if the code is bad we should probably rip it off? Cheers, Albert > > HS
Re: kio-admin in kdereview
Much as I don't like running KIO as root. The alternative right now is running Dolphin itself as root. KIO still has no kauth/Polkit support. Oct 14, 2022 4:34:36 AM Harald Sitter : > On Thu, Oct 13, 2022 at 10:32 PM Albert Astals Cid wrote: >> >> El dijous, 13 d’octubre de 2022, a les 1:03:53 (CEST), Harald Sitter va >> escriure: >>> On Thu, Oct 13, 2022 at 12:46 AM Albert Astals Cid wrote: Did I misunderstood the code? It looks like this run all of kio with root powers? >>> >>> That is correct >> >> That feels like a reasonably big no no with my security hat. >> >> I'm relatively sure we have not audited all of KIO and it's dependencies to >> be >> "running as root"-safe. > > It is scary to be sure, but then the user has to opt into shooting in the > foot. > >> What's the use case of this against the kauth support in file_unix.cpp ? > > The latter doesn't exist :( > > HS signature.asc Description: PGP signature
Re: kio-admin in kdereview
On Thu, Oct 13, 2022 at 10:32 PM Albert Astals Cid wrote: > > El dijous, 13 d’octubre de 2022, a les 1:03:53 (CEST), Harald Sitter va > escriure: > > On Thu, Oct 13, 2022 at 12:46 AM Albert Astals Cid wrote: > > > Did I misunderstood the code? It looks like this run all of kio with root > > > powers? > > > > That is correct > > That feels like a reasonably big no no with my security hat. > > I'm relatively sure we have not audited all of KIO and it's dependencies to be > "running as root"-safe. It is scary to be sure, but then the user has to opt into shooting in the foot. > What's the use case of this against the kauth support in file_unix.cpp ? The latter doesn't exist :( HS
Re: kio-admin in kdereview
El dijous, 13 d’octubre de 2022, a les 1:03:53 (CEST), Harald Sitter va escriure: > On Thu, Oct 13, 2022 at 12:46 AM Albert Astals Cid wrote: > > Did I misunderstood the code? It looks like this run all of kio with root > > powers? > > That is correct That feels like a reasonably big no no with my security hat. I'm relatively sure we have not audited all of KIO and it's dependencies to be "running as root"-safe. What's the use case of this against the kauth support in file_unix.cpp ? Cheers, Albert
Re: kio-admin in kdereview
On Thu, Oct 13, 2022 at 12:46 AM Albert Astals Cid wrote: > Did I misunderstood the code? It looks like this run all of kio with root > powers? That is correct
Re: kio-admin in kdereview
El dimecres, 12 d’octubre de 2022, a les 10:40:45 (CEST), Harald Sitter va escriure: > Hola > > kio-admin implements an admin worker that gives root level access to > the file system > > https://invent.kde.org/system/kio-admin qDebug() << "actions!!!"; qDebug() << "urly!!!" << url; probably needs to go away or be a qCDebug? Did I misunderstood the code? It looks like this run all of kio with root powers? Cheers, Albert > > HS
kio-admin in kdereview
Hola kio-admin implements an admin worker that gives root level access to the file system https://invent.kde.org/system/kio-admin HS