<table><tr><td style="">chinmoyr updated this revision to Diff 16738.<br />chinmoyr marked 4 inline comments as done.<br />chinmoyr edited the test plan for this revision. <a href="https://phabricator.kde.org/transactions/detail/PHID-XACT-DREV-6ohsjscmathrwbx/" rel="noreferrer">(Show Details)</a><br />chinmoyr added a comment.
</td><a style="text-decoration: none; padding: 4px 8px; margin: 0 8px 8px; float: right; color: #464C5C; font-weight: bold; border-radius: 3px; background-color: #F7F7F9; background-image: linear-gradient(to bottom,#fff,#f1f0f1); display: inline-block; border: 1px solid rgba(71,87,120,.2);" href="https://phabricator.kde.org/D6197" rel="noreferrer">View Revision</a></tr></table><br /><div><div><p>In my previous revision the logic for showing warning from ioslave was flawed. In case of deleteRecursive everything would have worked out fine but in case of copy the logic for warning would have failed. Since CopyJob creates number of sub jobs, there are as many number of slaves. If there happen to be more than one file with read access restricted then ioslave's warning would have been shown multiple times.</p>
<p>In this revision, I added a variable <tt style="background: #ebebeb; font-size: 13px;">m_enablePrivilegeExecution</tt>, a public method <tt style="background: #ebebeb; font-size: 13px;">isPrivilegeExecutionEnabled</tt> and an additional job flag <tt style="background: #ebebeb; font-size: 13px;">PrivilegeExecution</tt> to the KIO Job class.</p>
<p>Now if an application want's to execute a privilege file operation, it will</p>
<ol class="remarkup-list">
<li class="remarkup-list-item">create a job with <tt style="background: #ebebeb; font-size: 13px;">PrivilegeExecution</tt> flag.</li>
<li class="remarkup-list-item">the flag will cause the job to set <tt style="background: #ebebeb; font-size: 13px;">m_enablePrivilegeExecution</tt> to true.</li>
<li class="remarkup-list-item">when <tt style="background: #ebebeb; font-size: 13px;">execWithElevatedPrivilege()</tt> is called it will first emit <tt style="background: #ebebeb; font-size: 13px;">dataReq()</tt> signal.</li>
<li class="remarkup-list-item">the job will respond with a message "ElevatePrivilege" if it supports it and the slave will continue.</li>
</ol>
<p>The step 2 is very important. Even if the flag is set its upto us to decide which job should support it. And the jobs which support it will also show warnings prior to notifying the slave. This prevents misuse of the job during the brief period of elevated privilege.</p>
<p><a href="https://phabricator.kde.org/p/dfaure/" style="
border-color: #f1f7ff;
color: #19558d;
background-color: #f1f7ff;
border: 1px solid transparent;
border-radius: 3px;
font-weight: bold;
padding: 0 4px;" rel="noreferrer">@dfaure</a> what do you say about the feasibility of this approach?</p></div></div><br /><div><strong>CHANGES TO TEST PLAN</strong><div><div style="white-space: pre-wrap; color: #74777D;"><span style="padding: 0 2px; color: #333333; background: rgba(251, 175, 175, .7);">use D6199 to test the changes</span></div></div></div><br /><div><strong>REPOSITORY</strong><div><div>R241 KIO</div></div></div><br /><div><strong>CHANGES SINCE LAST UPDATE</strong><div><a href="https://phabricator.kde.org/D6197?vs=15729&id=16738" rel="noreferrer">https://phabricator.kde.org/D6197?vs=15729&id=16738</a></div></div><br /><div><strong>REVISION DETAIL</strong><div><a href="https://phabricator.kde.org/D6197" rel="noreferrer">https://phabricator.kde.org/D6197</a></div></div><br /><div><strong>AFFECTED FILES</strong><div><div>src/core/job.cpp<br />
src/core/job_base.h<br />
src/core/job_p.h<br />
src/core/simplejob.cpp<br />
src/core/simplejob.h<br />
src/ioslaves/file/CMakeLists.txt<br />
src/ioslaves/file/file.h<br />
src/ioslaves/file/file_unix.cpp<br />
src/ioslaves/file/file_win.cpp<br />
src/ioslaves/file/kauth/CMakeLists.txt<br />
src/ioslaves/file/kauth/file.actions<br />
src/ioslaves/file/kauth/filehelper.cpp<br />
src/ioslaves/file/kauth/filehelper.h</div></div></div><br /><div><strong>To: </strong>chinmoyr, elvisangelaccio, Frameworks, dfaure<br /><strong>Cc: </strong>dfaure, eliasp, aacid<br /></div>